header bg


What type of attack does the above scenario depict?
You are a Security Analyst for the business XYZ, which owns the whole subnet ranges and You discover a large number of outgoing connections when monitoring the data. You can observe that IP addresses owned by XYZ (internal) and private IP addresses are connecting with a single public IP address. As a result, the Internal IPs are transmitting data to the Public IP. You discover out that this Public IP is a blacklisted IP, and the internal communicating devices are compromised after further analysis.

A Botnet Attack