Incident Live 2142 / 2142
마지막 조회: 22:34:16
0개 선택됨
NEW 인시던트
2 개
* NEW 상태 인시던트를 모두 resolved_security_testing 으로 처리합니다
AUTO RESOLVE
OFF
5분마다 NEW 인시던트 중 알럿 5개 이상 자동 리졸브
| ID | Status | Severity | Description | Hosts | OS | Alerts | Created | Modified | Actions | |
|---|---|---|---|---|---|---|---|---|---|---|
| #51 | Resolved | HIGH | 'Persistency - 779040014' along with 2 other issues generate... | inbridge-ubt-24 | Linux | 3 | 01-01 14:33 | 01-01 14:34 | - | |
| #52 | Resolved | HIGH | Shared object injection using LD_PRELOAD on a shell command | inbridge-42 | Linux | 1 | 01-01 14:34 | 01-01 14:34 | - | |
| #53 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | inbridge-ubt-24 | Linux | 3 | 01-01 14:35 | 01-01 14:36 | - | |
| #54 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | in-bridge-40 | Linux | 3 | 01-01 14:35 | 01-01 14:36 | - | |
| #55 | Resolved | HIGH | 'Powershell Activity - 3083271452' along with 68 other issue... | desktop-fnumv3u | Windows | 69 | 01-01 14:36 | 01-01 19:03 | - | |
| #56 | Resolved | MEDIUM | Process action type = execution AND target process cmd = *so... | inbridge-42 | Linux | 1 | 01-01 14:39 | 01-01 19:03 | - | |
| #57 | Resolved | HIGH | 'Command-line arguments match Mimikatz execution' along with... | desktop-fnumv3u, teahee | Windows | 14 | 01-01 19:16 | 01-01 19:45 | - | |
| #58 | Resolved | HIGH | 'Evasion Technique - 527483761' along with 8 other issues ge... | desktop-fnumv3u, teahee | Windows | 9 | 01-01 19:51 | 01-01 20:06 | - | |
| #59 | Resolved | HIGH | 'File Drop - 1815185192' along with 3 other issues generated... | teahee | Windows | 4 | 01-01 20:06 | 01-02 05:04 | - | |
| #60 | Resolved | HIGH | 'Powershell Activity - 3083271452' along with 116 other issu... | desktop-fnumv3u | Windows | 117 | 01-01 20:19 | 01-02 05:02 | - | |
| #61 | Resolved | HIGH | 'Staged Malware Activity - 2394207323' along with 3 other is... | desktop-fnumv3u | Windows | 4 | 01-02 05:04 | 01-02 05:24 | - | |
| #62 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | inbridge-ubt-24 | Linux | 2 | 01-02 05:19 | 01-02 05:20 | - | |
| #63 | Resolved | HIGH | 'Process Injection - 288965039' along with 3 other issues ge... | in-bridge-40 | Linux | 4 | 01-02 05:19 | 01-02 05:19 | - | |
| #64 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | inbridge-42 | Linux | 3 | 01-02 05:19 | 01-02 05:19 | - | |
| #65 | Resolved | HIGH | 'Process Injection - 288965039' along with 3 other issues ge... | inbridge-ubt-24 | Linux | 4 | 01-02 05:21 | 01-02 05:43 | - | |
| #66 | Resolved | HIGH | 'Persistency - 456694134' along with 3 other issues generate... | in-bridge-40 | Linux | 4 | 01-02 05:21 | 01-02 05:43 | - | |
| #67 | Resolved | HIGH | 'Powershell Activity - 3990759154' along with 2 other issues... | desktop-fnumv3u | Windows | 3 | 01-02 05:25 | 01-02 05:31 | - | |
| #68 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 2 other is... | inbridge-42 | Linux | 3 | 01-02 05:26 | 01-02 05:43 | - | |
| #69 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | desktop-fnumv3u | Windows | 10 | 01-02 05:32 | 01-02 06:04 | - | |
| #70 | Resolved | HIGH | 'Persistency - 779040014' along with 3 other issues generate... | inbridge-ubt-24 | Linux | 4 | 01-02 05:44 | 01-02 05:44 | - | |
| #71 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | in-bridge-40 | Linux | 3 | 01-02 05:44 | 01-02 05:44 | - | |
| #72 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | inbridge-42 | Linux | 2 | 01-02 05:44 | 01-02 05:44 | - | |
| #73 | Resolved | HIGH | 'Persistency - 779040014' along with 2 other issues generate... | inbridge-ubt-24 | Linux | 3 | 01-02 05:44 | 01-02 05:49 | - | |
| #74 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | in-bridge-40 | Linux | 2 | 01-02 05:47 | 01-02 05:49 | - | |
| #75 | Resolved | HIGH | 'Persistency - 779040014' along with 1 other issue generated... | inbridge-42 | Linux | 2 | 01-02 05:47 | 01-02 05:49 | - | |
| #76 | Resolved | HIGH | 'Regsvr32 may have run code from an untrusted source' along ... | desktop-fnumv3u | Windows | 43 | 01-02 06:07 | 01-02 09:34 | - | |
| #77 | Resolved | HIGH | 'Command-line arguments match Mimikatz execution' along with... | desktop-fnumv3u | Windows | 9 | 01-02 09:51 | 01-02 10:14 | - | |
| #78 | Resolved | HIGH | 'Powershell Activity - 3083271452' along with 5 other issues... | teahee | Windows | 6 | 01-02 09:58 | 01-02 10:14 | - | |
| #79 | Resolved | HIGH | 'Staged Malware Activity - 2394207323' along with 6 other is... | dwshin | Windows | 7 | 01-02 10:04 | 01-02 10:13 | - | |
| #80 | Resolved | HIGH | 'File Drop - 1815185192' along with 6 other issues generated... | book-r0be6s1nc3, teahee | Windows | 7 | 01-02 10:14 | 01-02 10:36 | - | |
| #81 | Resolved | HIGH | 'SYNC - Credential Gathering - 2237270456' along with 3 othe... | dwshin | Windows | 4 | 01-02 10:18 | 01-02 10:37 | - | |
| #82 | Resolved | HIGH | 'Script Activity - 3055004603' along with 2 other issues gen... | desktop-fnumv3u | Windows | 3 | 01-02 10:26 | 01-02 10:37 | - | |
| #83 | Resolved | HIGH | 'Ransomware Activity - 426137677' along with 12 other issues... | dwshin | Windows | 13 | 01-02 10:39 | 01-02 11:33 | - | |
| #84 | Resolved | HIGH | 'Powershell Activity - 3990759154' along with 33 other issue... | book-r0be6s1nc3, desktop-fnumv3u +1 | Windows | 34 | 01-02 10:40 | 01-02 11:33 | - | |
| #85 | Resolved | HIGH | 'Network Connection - 1971152322' along with 2 other issues ... | book-r0be6s1nc3 | Windows | 3 | 01-02 10:43 | 01-02 11:33 | - | |
| #86 | Resolved | HIGH | 'Powershell Activity - 3083271452' along with 1 other issue ... | dwshin | Windows | 2 | 01-02 11:35 | 01-02 11:46 | - | |
| #87 | Resolved | HIGH | 'Evasion Technique - 1720575843' along with 5 other issues g... | desktop-fnumv3u, teahee | Windows | 6 | 01-02 11:36 | 01-02 11:46 | - | |
| #88 | Resolved | HIGH | 'File Drop - 1815185192' along with 1 other issue generated ... | teahee | Windows | 2 | 01-02 11:39 | 01-02 11:57 | - | |
| #89 | Resolved | HIGH | 'Credential Gathering Protection - 3380811775' along with 2 ... | dwshin | Windows | 3 | 01-02 11:49 | 01-02 11:57 | - | |
| #90 | Resolved | HIGH | 'Powershell Activity - 3990759154' along with 4 other issues... | book-r0be6s1nc3 | Windows | 5 | 01-02 11:50 | 01-02 11:57 | - | |
| #91 | Resolved | HIGH | 'Regsvr32 may have run code from an untrusted source' along ... | desktop-fnumv3u | Windows | 5 | 01-02 11:50 | 01-02 11:56 | - | |
| #92 | Resolved | HIGH | 'Persistency - 779040014' along with 5 other issues generate... | in-bridge-40 | Linux | 6 | 01-02 11:56 | 01-02 12:03 | - | |
| #93 | Resolved | HIGH | 'Powershell Activity - 3083271452' along with 16 other issue... | book-r0be6s1nc3, desktop-fnumv3u +1 | Windows | 17 | 01-02 11:58 | 01-02 13:34 | - | |
| #94 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | inbridge-ubt-24 | Linux | 6 | 01-02 12:00 | 01-02 12:03 | - | |
| #95 | Resolved | MEDIUM | 'WildFire Malware' along with 3 other issues generated by XD... | teahee | Windows | 4 | 01-02 12:03 | 01-02 13:34 | - | |
| #96 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | dwshin | Windows | 20 | 01-02 12:03 | 01-02 13:34 | - | |
| #97 | Resolved | HIGH | 'Persistency - 779040014' along with 2 other issues generate... | inbridge-42 | Linux | 3 | 01-02 12:03 | 01-02 12:03 | - | |
| #98 | Resolved | HIGH | 'Persistency - 779040014' along with 2 other issues generate... | inbridge-ubt-24 | Linux | 3 | 01-02 12:03 | 01-02 12:23 | - | |
| #99 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40 | Linux | 6 | 01-02 12:04 | 01-02 12:22 | - | |
| #100 | Resolved | HIGH | 'Staged Malware Activity - 2394207323' along with 17 other i... | book-r0be6s1nc3, desktop-fnumv3u | Windows | 18 | 01-02 12:04 | 01-02 13:34 | - |