Threat Intelligence Reports

RA 10175 · Cybercrime Prevention Act · Last sync: 2026-06-12 03:52 PHT


DICT–NCERT · gov.ph website coverage · MITRE ATT&CK · RA 10175 audit trail · 30-day window

Total Threats (30d): 28,471 (+12.4% vs prior 30d) · Across 4 subnets · 847 endpoints

Auto-Blocked (30d): 26,840 (+2.1% auto-block rate) · 94.3% automated response rate

Unique Attacking IPs: 4,218 (+318 new IPs) · Top origin: CN, RU, BR, US

Avg. F1 Score (Ensemble): 97.9% (+0.6% vs last month) · Precision: 98.1% · Recall: 97.7%

Attack Trend — 30 Days (chart: detections by attack category)

Attack Categories (30d)

28,471 total incidents

DDoS: 35%
Brute Force: 24%
Port Scan: 18%
Botnet C2: 15%
Malware: 9%

ML Model Performance Metrics

Evaluated on CICIDS2017 + UNSW-NB15 combined test set · Target: 97%+ all metrics

All models exceeding 97% target

Threat Event Log · 12 records

| Timestamp | Attack Type | Source IP | Origin | Target Device | Severity | ML Confidence | Algorithm | MITRE ATT&CK | Kill Chain Stage | Action Taken |
|---|---|---|---|---|---|---|---|---|---|---|
| 2026-06-12 03:51:44 | DDoS | 203.0.113.47 | CN | fw-edge-01 | Critical | 99.2% | XGBoost | T1498 | Actions on Objectives | IP Blocked |
| 2026-06-12 03:49:12 | Brute Force | 185.220.101.33 | RU | srv-db-02 | Critical | 97.8% | Random Forest | T1110 | Credential Access | Account Disabled |
| 2026-06-12 03:47:08 | Port Scan | 198.51.100.22 | BR | web-proxy-01 | High | 94.1% | LightGBM | T1046 | Discovery | IP Blocked |
| 2026-06-12 03:44:55 | Botnet C2 | 91.108.4.12 | RU | ws-finance-07 | High | 91.6% | Deep Neural Net | T1071 | Command & Control | Device Isolated |
| 2026-06-12 03:41:30 | Malware | 10.0.14.88 | Internal | ws-hr-03 | Medium | 87.4% | Random Forest | T1568 | C2 — DNS | Device Isolated |
| 2026-06-12 03:38:17 | Credential Stuffing | 45.33.32.156 | US | auth-svc-01 | Medium | 85.9% | XGBoost | T1110.004 | Credential Access | IP Blocked |
| 2026-06-12 03:35:04 | Recon | 172.16.0.44 | Internal | net-segment-b | Low | 78.2% | LightGBM | T1595 | Reconnaissance | Alert Only |
| 2026-06-12 03:20:11 | DDoS | 5.188.206.18 | CN | fw-edge-01 | Critical | 98.4% | XGBoost | T1498 | Actions on Objectives | IP Blocked |

Rows shown: 8 of 12