The ThreatMap data is a sample of real data collected from our two-way sharing customers for the past 30 days. The data represented in the map is malware communication to command and control (C2) servers, where the “Attackers” represent the location of the C2 servers and “Targets” represent customers.
To mask customer identity, locations are represented as the center of the country in which they reside. There is nothing in the data that can be used to identify a customer or their origin city. The “attacks today” counter is not a real time. Rather, we take a real, observed attack rate and then calculate attacks for the day based on local time.
Click here to check it out.
Hat tip: BadBlue Tech News.