Incident Live 2146 / 2146
마지막 조회: 05:31:39
0개 선택됨
NEW 인시던트
4 개
* NEW 상태 인시던트를 모두 resolved_security_testing 으로 처리합니다
AUTO RESOLVE
OFF
5분마다 NEW 인시던트 중 알럿 5개 이상 자동 리졸브
| ID | Status | Severity | Description | Hosts | OS | Alerts | Created | Modified | Actions | |
|---|---|---|---|---|---|---|---|---|---|---|
| #1647 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 6 other is... | inbridge-ubt-24 | Linux | 7 | 01-15 05:31 | 01-15 05:50 | - | |
| #1644 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | dwshin | Windows | 5 | 01-15 05:13 | 01-15 05:40 | - | |
| #1639 | Resolved | HIGH | 'Process Injection - 288965039' along with 8 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 9 | 01-15 04:09 | 01-15 05:30 | - | |
| #1646 | Resolved | HIGH | Process executes an obfuscated command for fetching remote f... | inbridge-42 | Linux | 1 | 01-15 05:30 | 01-15 05:30 | - | |
| #1645 | Resolved | HIGH | 'Persistency - 456694134' along with 5 other issues generate... | in-bridge-40, inbridge-42 +1 | Linux | 6 | 01-15 05:30 | 01-15 05:30 | - | |
| #1642 | Resolved | HIGH | 'Process Injection - 288965039' along with 11 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 12 | 01-15 04:30 | 01-15 05:26 | - | |
| #1640 | Resolved | HIGH | 'Network Connection - 1971152322' along with 4 other issues ... | dwshin | Windows | 5 | 01-15 04:26 | 01-15 05:10 | - | |
| #1643 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | in-bridge-40, inbridge-ubt-24 | Linux | 5 | 01-15 04:32 | 01-15 05:00 | - | |
| #1641 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 5 other is... | in-bridge-40, inbridge-42 +1 | Linux | 6 | 01-15 04:28 | 01-15 04:30 | - | |
| #1636 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 5 other is... | in-bridge-40, inbridge-42 +1 | Linux | 6 | 01-15 03:54 | 01-15 04:15 | - | |
| #1637 | Resolved | HIGH | 'Script Activity - 3055004603' along with 4 other issues gen... | dwshin | Windows | 5 | 01-15 03:58 | 01-15 04:15 | - | |
| #1634 | Resolved | HIGH | 'Persistency - 456694134' along with 20 other issues generat... | in-bridge-40, inbridge-42 +1 | Linux | 21 | 01-15 03:33 | 01-15 04:05 | - | |
| #1628 | Resolved | HIGH | 'Staged Malware Activity - 2394207323' along with 4 other is... | dwshin | Windows | 5 | 01-15 03:01 | 01-15 03:45 | - | |
| #1629 | Resolved | HIGH | 'Powershell Activity - 3083271452' along with 5 other issues... | teahee | Windows | 6 | 01-15 03:06 | 01-15 03:45 | - | |
| #1635 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 11 other i... | in-bridge-40, inbridge-42 +1 | Linux | 12 | 01-15 03:33 | 01-15 03:44 | - | |
| #1631 | Resolved | HIGH | Suspicious cron job using a base64 payload | inbridge-ubt-24 | Linux | 1 | 01-15 03:22 | 01-15 03:33 | - | |
| #1633 | Resolved | MEDIUM | Process action type = execution AND target process cmd = *so... | inbridge-42 | Linux | 1 | 01-15 03:27 | 01-15 03:33 | - | |
| #1632 | Resolved | HIGH | 'Process Injection - 288965039' along with 8 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 9 | 01-15 03:27 | 01-15 03:33 | - | |
| #1630 | Resolved | HIGH | 'Persistency - 779040014' along with 4 other issues generate... | in-bridge-40, inbridge-42 | Linux | 5 | 01-15 03:20 | 01-15 03:24 | - | |
| #1625 | Resolved | HIGH | 'Persistency - 779040014' along with 8 other issues generate... | in-bridge-40, inbridge-ubt-24 | Linux | 9 | 01-15 02:30 | 01-15 03:19 | - | |
| #1627 | Resolved | HIGH | 'Process Injection - 288965039' along with 14 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 15 | 01-15 02:55 | 01-15 03:09 | - | |
| #1615 | Resolved | HIGH | 'File Drop - 1815185192' along with 4 other issues generated... | teahee | Windows | 5 | 01-15 01:41 | 01-15 03:04 | - | |
| #1626 | Resolved | HIGH | 'Credential Gathering Protection - 510630382' along with 5 o... | dwshin | Windows | 6 | 01-15 02:48 | 01-15 02:59 | - | |
| #1623 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | dwshin | Windows | 6 | 01-15 02:13 | 01-15 02:39 | - | |
| #1624 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 6 | 01-15 02:28 | 01-15 02:39 | - | |
| #1622 | Resolved | HIGH | 'Process Injection - 288965039' along with 10 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 11 | 01-15 02:03 | 01-15 02:13 | - | |
| #1621 | Resolved | HIGH | 'Process Injection - 288965039' along with 14 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 15 | 01-15 02:01 | 01-15 02:08 | - | |
| #1620 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 8 other is... | in-bridge-40, inbridge-42 +1 | Linux | 9 | 01-15 02:00 | 01-15 02:03 | - | |
| #1618 | Resolved | HIGH | 'Persistency - 779040014' along with 2 other issues generate... | inbridge-42, inbridge-ubt-24 | Linux | 3 | 01-15 02:00 | 01-15 02:00 | - | |
| #1619 | Resolved | HIGH | Process executes an obfuscated command for fetching remote f... | inbridge-42 | Linux | 1 | 01-15 02:00 | 01-15 02:00 | - | |
| #1617 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 6 | 01-15 01:42 | 01-15 02:00 | - | |
| #1607 | Resolved | HIGH | 'Credential Gathering Protection - 122198212' along with 4 o... | dwshin | Windows | 5 | 01-15 01:31 | 01-15 02:00 | - | |
| #1616 | Resolved | HIGH | 'Persistency - 779040014' along with 4 other issues generate... | inbridge-42, inbridge-ubt-24 | Linux | 5 | 01-15 01:42 | 01-15 01:43 | - | |
| #1612 | Resolved | MEDIUM | Process action type = execution AND target process cmd = *so... | inbridge-ubt-24 | Linux | 1 | 01-15 01:36 | 01-15 01:40 | - | |
| #1613 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | in-bridge-40, inbridge-42 | Linux | 2 | 01-15 01:39 | 01-15 01:39 | - | |
| #1614 | Resolved | HIGH | 'Persistency - 779040014' along with 2 other issues generate... | inbridge-42 | Linux | 3 | 01-15 01:39 | 01-15 01:39 | - | |
| #1596 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | teahee | Windows | 5 | 01-14 23:43 | 01-15 01:38 | - | |
| #1611 | Resolved | HIGH | 'Persistency - 779040014' along with 6 other issues generate... | in-bridge-40, inbridge-42 +1 | Linux | 7 | 01-15 01:36 | 01-15 01:38 | - | |
| #1609 | Resolved | MEDIUM | 'Perl script connecting to network' along with 3 other issue... | in-bridge-40, inbridge-42 | Linux | 4 | 01-15 01:35 | 01-15 01:36 | - | |
| #1610 | Resolved | HIGH | Process executes an obfuscated command for fetching remote f... | inbridge-42 | Linux | 1 | 01-15 01:36 | 01-15 01:36 | - | |
| #1608 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 5 | 01-15 01:34 | 01-15 01:36 | - | |
| #1606 | Resolved | HIGH | 'Process Injection - 288965039' along with 13 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 14 | 01-15 01:25 | 01-15 01:33 | - | |
| #1603 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 5 | 01-15 01:20 | 01-15 01:20 | - | |
| #1604 | Resolved | MEDIUM | 'Perl script connecting to network' along with 1 other issue... | inbridge-42 | Linux | 2 | 01-15 01:20 | 01-15 01:20 | - | |
| #1605 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 1 other is... | in-bridge-40, inbridge-42 | Linux | 2 | 01-15 01:20 | 01-15 01:20 | - | |
| #1586 | Resolved | HIGH | 'Persistency - 779040014' along with 8 other issues generate... | in-bridge-40, inbridge-ubt-24 | Linux | 9 | 01-14 20:07 | 01-15 01:20 | - | |
| #1602 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | in-bridge-40, inbridge-ubt-24 | Linux | 2 | 01-15 01:18 | 01-15 01:20 | - | |
| #1601 | Resolved | HIGH | 'Persistency - 779040014' along with 7 other issues generate... | inbridge-42, inbridge-ubt-24 | Linux | 8 | 01-15 01:17 | 01-15 01:19 | - | |
| #1599 | Resolved | HIGH | 'Ransomware Activity - 426137677' along with 4 other issues ... | dwshin | Windows | 5 | 01-15 00:42 | 01-15 01:18 | - | |
| #1600 | Resolved | HIGH | 'Process Injection - 288965039' along with 7 other issues ge... | inbridge-42, inbridge-ubt-24 | Linux | 8 | 01-15 00:48 | 01-15 01:03 | - |