Incident Live 2146 / 2146
마지막 조회: 06:42:27
0개 선택됨
NEW 인시던트
4 개
* NEW 상태 인시던트를 모두 resolved_security_testing 으로 처리합니다
AUTO RESOLVE
OFF
5분마다 NEW 인시던트 중 알럿 5개 이상 자동 리졸브
| ID | Status | Severity | Description | Hosts | OS | Alerts | Created | Modified | Actions | |
|---|---|---|---|---|---|---|---|---|---|---|
| #1396 | Resolved | HIGH | Shared object injection using LD_PRELOAD on a shell command | inbridge-42 | Linux | 1 | 01-12 07:22 | 01-12 07:22 | - | |
| #1395 | Resolved | HIGH | Remote shell persistency acquired using the crontab mechanis... | in-bridge-40 | Linux | 1 | 01-12 07:22 | 01-12 07:22 | - | |
| #1394 | Resolved | MEDIUM | Process action type = execution AND target process cmd = *so... | inbridge-ubt-24 | Linux | 1 | 01-12 07:21 | 01-12 07:22 | - | |
| #1393 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 5 | 01-12 07:16 | 01-12 07:19 | - | |
| #1392 | Resolved | HIGH | Process executes an obfuscated command for fetching remote f... | inbridge-42 | Linux | 1 | 01-12 07:16 | 01-12 07:19 | - | |
| #1391 | Resolved | HIGH | 'Credential Gathering Protection - 510630382' along with 5 o... | dwshin | Windows | 6 | 01-12 07:08 | 01-12 07:30 | - | |
| #1390 | Resolved | HIGH | 'Persistency - 456694134' along with 2 other issues generate... | in-bridge-40, inbridge-ubt-24 | Linux | 3 | 01-12 07:05 | 01-12 07:19 | - | |
| #1389 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 5 other is... | in-bridge-40, inbridge-42 +1 | Linux | 6 | 01-12 07:00 | 01-12 07:05 | - | |
| #1388 | Resolved | HIGH | 'Persistency - 779040014' along with 6 other issues generate... | in-bridge-40, inbridge-ubt-24 | Linux | 7 | 01-12 06:36 | 01-12 07:00 | - | |
| #1387 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | inbridge-42, inbridge-ubt-24 | Linux | 6 | 01-12 06:35 | 01-12 07:00 | - | |
| #1386 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 7 other is... | in-bridge-40, inbridge-42 +1 | Linux | 8 | 01-12 06:30 | 01-12 06:35 | - | |
| #1385 | Resolved | HIGH | 'Evasion Technique - 527483761' along with 4 other issues ge... | dwshin | Windows | 5 | 01-12 06:26 | 01-12 07:05 | - | |
| #1384 | Resolved | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | teahee | Windows | 5 | 01-12 06:26 | 01-12 08:36 | - | |
| #1383 | Resolved | HIGH | 'Process Injection - 288965039' along with 24 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 25 | 01-12 06:00 | 01-12 06:04 | - | |
| #1382 | Resolved | HIGH | 'Evasion Technique - 527483761' along with 4 other issues ge... | dwshin | Windows | 5 | 01-12 05:51 | 01-12 06:15 | - | |
| #1381 | Resolved | HIGH | 'Process Injection - 288965039' along with 15 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 16 | 01-12 05:45 | 01-12 05:49 | - | |
| #1380 | Resolved | HIGH | 'Script Activity - 3055004603' along with 4 other issues gen... | dwshin | Windows | 5 | 01-12 05:37 | 01-12 05:44 | - | |
| #1379 | Resolved | HIGH | Process executes an obfuscated command for fetching remote f... | inbridge-42 | Linux | 1 | 01-12 05:36 | 01-12 05:36 | - | |
| #1378 | Resolved | HIGH | 'Process Injection - 288965039' along with 3 other issues ge... | inbridge-42, inbridge-ubt-24 | Linux | 4 | 01-12 05:36 | 01-12 05:36 | - | |
| #1377 | Resolved | HIGH | 'Persistency - 456694134' along with 4 other issues generate... | in-bridge-40 | Linux | 5 | 01-12 05:30 | 01-12 05:36 | - | |
| #1376 | Resolved | HIGH | 'Persistency - 779040014' along with 11 other issues generat... | in-bridge-40, inbridge-42 +1 | Linux | 12 | 01-12 05:30 | 01-12 05:34 | - | |
| #1375 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | inbridge-42 | Linux | 3 | 01-12 05:25 | 01-12 05:26 | - | |
| #1374 | Resolved | HIGH | Suspicious cron job using a base64 payload | in-bridge-40 | Linux | 1 | 01-12 05:25 | 01-12 05:26 | - | |
| #1373 | Resolved | HIGH | 'Persistency - 779040014' along with 1 other issue generated... | inbridge-ubt-24 | Linux | 2 | 01-12 05:20 | 01-12 05:26 | - | |
| #1372 | Resolved | HIGH | 'Process Injection - 288965039' along with 7 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 8 | 01-12 05:19 | 01-12 05:24 | - | |
| #1371 | Resolved | HIGH | 'Process Injection - 288965039' along with 21 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 22 | 01-12 05:15 | 01-12 05:19 | - | |
| #1370 | Resolved | HIGH | 'Persistency - 779040014' along with 12 other issues generat... | in-bridge-40, inbridge-ubt-24 | Linux | 13 | 01-12 05:13 | 01-12 05:19 | - | |
| #1369 | Resolved | HIGH | 'Network Connection - 1971152322' along with 4 other issues ... | dwshin | Windows | 5 | 01-12 04:41 | 01-12 05:29 | - | |
| #1368 | Resolved | HIGH | 'Persistency - 779040014' along with 17 other issues generat... | in-bridge-40, inbridge-42 +1 | Linux | 18 | 01-12 04:30 | 01-12 05:04 | - | |
| #1367 | Resolved | HIGH | 'File Drop - 3732557733' along with 4 other issues generated... | dwshin | Windows | 5 | 01-12 04:27 | 01-12 04:38 | - | |
| #1366 | Resolved | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | book-r0be6s1nc3 | Windows | 5 | 01-12 04:08 | 01-12 08:36 | - | |
| #1365 | Resolved | HIGH | 'Persistency - 1983659418' along with 5 other issues generat... | dwshin | Windows | 6 | 01-12 03:44 | 01-12 04:23 | - | |
| #1364 | Resolved | HIGH | 'Persistency - 779040014' along with 6 other issues generate... | in-bridge-40, inbridge-ubt-24 | Linux | 7 | 01-12 03:35 | 01-12 04:03 | - | |
| #1363 | Resolved | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | teahee | Windows | 5 | 01-12 03:31 | 01-12 05:44 | - | |
| #1362 | Resolved | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | dwshin | Windows | 5 | 01-12 03:31 | 01-12 03:43 | - | |
| #1361 | Resolved | HIGH | 'Process Injection - 288965039' along with 7 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 8 | 01-12 03:21 | 01-12 03:38 | - | |
| #1360 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 16 other i... | in-bridge-40, inbridge-42 +1 | Linux | 17 | 01-12 03:21 | 01-12 04:03 | - | |
| #1359 | Resolved | HIGH | 'Persistency - 779040014' along with 11 other issues generat... | in-bridge-40, inbridge-42 +1 | Linux | 12 | 01-12 03:18 | 01-12 03:20 | - | |
| #1358 | Resolved | HIGH | 'Persistency - 779040014' along with 2 other issues generate... | in-bridge-40, inbridge-42 | Linux | 3 | 01-12 03:05 | 01-12 03:17 | - | |
| #1357 | Resolved | HIGH | Process executes an obfuscated command for fetching remote f... | inbridge-42 | Linux | 1 | 01-12 03:03 | 01-12 03:17 | - | |
| #1356 | resolved_duplicate_incident | HIGH | 'Evasion Technique - 527483761' along with 4 other issues ge... | dwshin | Windows | 5 | 01-12 03:03 | 01-12 03:20 | - | |
| #1355 | Resolved | MEDIUM | Process action type = execution AND target process cmd = *so... | inbridge-ubt-24 | Linux | 1 | 01-12 02:51 | 01-12 03:17 | - | |
| #1354 | Resolved | HIGH | 'Process Injection - 288965039' along with 13 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 14 | 01-12 02:47 | 01-12 03:02 | - | |
| #1353 | Resolved | HIGH | 'Network Connection - 1971152322' along with 4 other issues ... | dwshin | Windows | 5 | 01-12 02:39 | 01-12 02:57 | - | |
| #1352 | Resolved | HIGH | 'Powershell Activity - 3990759154' along with 4 other issues... | dwshin | Windows | 5 | 01-12 02:25 | 01-12 02:37 | - | |
| #1351 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | inbridge-ubt-24 | Linux | 6 | 01-12 02:19 | 01-12 02:40 | - | |
| #1350 | Resolved | MEDIUM | 'WildFire Malware' along with 2 other issues generated by XD... | teahee | Windows | 3 | 01-12 02:14 | 01-12 03:20 | - | |
| #1349 | Resolved | MEDIUM | 'WildFire Malware' along with 1 other issue generated by XDR... | book-r0be6s1nc3 | Windows | 2 | 01-12 01:56 | 01-12 03:20 | - | |
| #1348 | Resolved | HIGH | 'File Drop - 1815185192' along with 4 other issues generated... | dwshin | Windows | 5 | 01-12 01:53 | 01-12 02:17 | - | |
| #1347 | Resolved | HIGH | 'Process Injection - 288965039' along with 7 other issues ge... | in-bridge-40, inbridge-42 | Linux | 8 | 01-12 01:47 | 01-12 01:52 | - |