Incident Live 2146 / 2146
Last queried: 14:41:12
NEW incidents: 4
* Resolves all incidents in NEW status as resolved_security_testing
AUTO RESOLVE: OFF
Every 5 minutes, automatically resolve NEW incidents that have 5 or more alerts
| ID | Status | Severity | Description | Hosts | OS | Alerts | Created | Modified | Actions | |
|---|---|---|---|---|---|---|---|---|---|---|
| #1003 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | in-bridge-40 | Linux | 2 | 01-07 09:03 | 01-07 09:17 | - | |
| #1005 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | inbridge-ubt-24 | Linux | 2 | 01-07 09:17 | 01-07 09:17 | - | |
| #1008 | Resolved | HIGH | Remote shell persistency acquired using the crontab mechanis... | inbridge-42 | Linux | 1 | 01-07 09:20 | 01-07 09:20 | - | |
| #1007 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | in-bridge-40 | Linux | 2 | 01-07 09:20 | 01-07 09:20 | - | |
| #1006 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | inbridge-ubt-24 | Linux | 3 | 01-07 09:20 | 01-07 09:20 | - | |
| #1013 | Resolved | HIGH | 'Persistency - 779040014' along with 1 other issue generated... | inbridge-42 | Linux | 2 | 01-07 10:00 | 01-07 10:05 | - | |
| #1012 | Resolved | HIGH | 'Persistency - 779040014' along with 2 other issues generate... | in-bridge-40 | Linux | 3 | 01-07 10:00 | 01-07 10:05 | - | |
| #1011 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | inbridge-ubt-24 | Linux | 3 | 01-07 10:00 | 01-07 10:05 | - | |
| #1009 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | inbridge-ubt-24 | Linux | 6 | 01-07 09:21 | 01-07 10:05 | - | |
| #1010 | Resolved | HIGH | 'Persistency - 456694134' along with 5 other issues generate... | inbridge-42 | Linux | 6 | 01-07 09:49 | 01-07 10:05 | - | |
| #1014 | Resolved | HIGH | 'Process Injection - 288965039' along with 3 other issues ge... | inbridge-ubt-24 | Linux | 4 | 01-07 10:05 | 01-07 10:10 | - | |
| #1016 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | inbridge-42 | Linux | 3 | 01-07 10:08 | 01-07 10:10 | - | |
| #1015 | Resolved | HIGH | 'Process Injection - 288965039' along with 3 other issues ge... | in-bridge-40 | Linux | 4 | 01-07 10:05 | 01-07 10:10 | - | |
| #1019 | Resolved | MEDIUM | Process action type = execution AND target process cmd = *so... | inbridge-42 | Linux | 1 | 01-07 10:13 | 01-07 10:13 | - | |
| #1018 | Resolved | HIGH | Process executes an obfuscated command for fetching remote f... | inbridge-ubt-24 | Linux | 1 | 01-07 10:13 | 01-07 10:13 | - | |
| #1017 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40 | Linux | 6 | 01-07 10:10 | 01-07 10:13 | - | |
| #1021 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | inbridge-42 | Linux | 5 | 01-07 10:13 | 01-07 10:14 | - | |
| #1020 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 4 other is... | in-bridge-40 | Linux | 5 | 01-07 10:13 | 01-07 10:14 | - | |
| #1022 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 2 other is... | inbridge-ubt-24 | Linux | 3 | 01-07 10:13 | 01-07 10:14 | - | |
| #1023 | Resolved | HIGH | 'Persistency - 779040014' along with 5 other issues generate... | inbridge-ubt-24 | Linux | 6 | 01-07 10:14 | 01-07 11:38 | - | |
| #1025 | Resolved | HIGH | 'Persistency - 779040014' along with 2 other issues generate... | inbridge-42 | Linux | 3 | 01-07 10:18 | 01-07 11:38 | - | |
| #1024 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 1 other is... | in-bridge-40 | Linux | 2 | 01-07 10:16 | 01-07 11:38 | - | |
| #1028 | Resolved | CRITICAL | 'CVE-2023-45853 vulnerability in zlib at /symantec_testmanag... | - | - | 553 | 01-07 23:31 | 01-08 14:57 | - | |
| #1027 | Resolved | HIGH | 'Process Injection - 288965039' along with 932 other issues ... | in-bridge-40, inbridge-42 +1 | Linux | 933 | 01-07 11:38 | 01-08 14:57 | - | |
| #1029 | Resolved | HIGH | 'Process Injection - 288965039' along with 7 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 8 | 01-08 15:00 | 01-08 15:07 | - | |
| #1030 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 1 other is... | in-bridge-40, inbridge-ubt-24 | Linux | 2 | 01-08 15:00 | 01-08 15:07 | - | |
| #1026 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | inbridge-ubt-24 | Linux | 5 | 01-07 11:38 | 01-08 15:07 | - | |
| #1033 | Resolved | HIGH | 'Process Injection - 288965039' along with 3 other issues ge... | in-bridge-40, inbridge-42 | Linux | 4 | 01-08 15:15 | 01-08 15:17 | - | |
| #1031 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 5 other is... | inbridge-ubt-24 | Linux | 6 | 01-08 15:07 | 01-08 15:17 | - | |
| #1032 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40, inbridge-42 | Linux | 6 | 01-08 15:08 | 01-08 15:17 | - | |
| #1034 | Resolved | HIGH | 'Process Injection - 288965039' along with 18 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 19 | 01-08 15:20 | 01-08 15:36 | - | |
| #273 | Resolved | HIGH | 'Network Connection - 1971152322' along with 948 other issue... | book-r0be6s1nc3, desktop-fnumv3u +2 | Windows | 949 | 01-03 14:30 | 01-08 15:36 | - | |
| #271 | Resolved | HIGH | 'Evasion Technique - 527483761' along with 998 other issues ... | dwshin | Windows | 999 | 01-03 14:11 | 01-08 15:38 | - | |
| #613 | Resolved | CRITICAL | 'CVE-2023-45853 vulnerability in zlib at /symantec_testmanag... | - | - | 1000 | 01-06 09:30 | 01-08 15:38 | - | |
| #1037 | Resolved | HIGH | 'Possible LSASS memory dump' along with 2 other issues gener... | book-r0be6s1nc3 | Windows | 3 | 01-08 15:44 | 01-08 15:56 | - | |
| #1035 | Resolved | HIGH | 'Network Connection - 1971152322' along with 3 other issues ... | dwshin | Windows | 4 | 01-08 15:38 | 01-08 15:56 | - | |
| #1038 | Resolved | HIGH | 'Process Injection - 288965039' along with 24 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 25 | 01-08 15:46 | 01-08 15:57 | - | |
| #1040 | Resolved | HIGH | 'Evasion Technique - 527483761' along with 1 other issue gen... | dwshin | Windows | 2 | 01-08 15:59 | 01-08 16:08 | - | |
| #1039 | Resolved | HIGH | 'File Drop - 1815185192' along with 6 other issues generated... | book-r0be6s1nc3 | Windows | 7 | 01-08 15:57 | 01-08 16:08 | - | |
| #1042 | resolved_duplicate_incident | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | book-r0be6s1nc3 | Windows | 6 | 01-08 16:10 | 01-08 16:20 | - | |
| #1044 | Resolved | HIGH | 'File Drop - 1815185192' along with 1 other issue generated ... | book-r0be6s1nc3 | Windows | 2 | 01-08 16:23 | 01-08 16:25 | - | |
| #1043 | Resolved | HIGH | 'Persistency - 456694134' along with 1 other issue generated... | inbridge-ubt-24 | Linux | 2 | 01-08 16:20 | 01-08 16:25 | - | |
| #1041 | Resolved | MEDIUM | Suspicious executable detected | teahee | Windows | 1 | 01-08 16:06 | 01-08 16:25 | - | |
| #1036 | Resolved | CRITICAL | MiniZip in zlib through 1.3 has an integer overflow and resu... | - | - | 1 | 01-08 15:43 | 01-08 16:25 | - | |
| #1049 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | in-bridge-40 | Linux | 3 | 01-08 16:40 | 01-08 16:42 | - | |
| #1048 | Resolved | HIGH | 'Persistency - 779040014' along with 1 other issue generated... | in-bridge-40, inbridge-ubt-24 | Linux | 2 | 01-08 16:40 | 01-08 16:42 | - | |
| #1046 | Resolved | HIGH | 'Regsvr32 may have run code from an untrusted source' along ... | book-r0be6s1nc3 | Windows | 3 | 01-08 16:36 | 01-08 16:42 | - | |
| #1045 | Resolved | HIGH | 'Network Connection - 1971152322' along with 3 other issues ... | dwshin | Windows | 4 | 01-08 16:27 | 01-08 16:42 | - | |
| #1052 | Resolved | HIGH | 'Powershell Activity - 3990759154' along with 2 other issues... | dwshin | Windows | 3 | 01-08 16:50 | 01-08 16:57 | - | |
| #1051 | Resolved | HIGH | 'Command-line arguments match Mimikatz execution' along with... | book-r0be6s1nc3 | Windows | 3 | 01-08 16:49 | 01-08 16:57 | - |