Incident Live 2146 / 2146
Last fetched: 12:22:15
NEW incidents: 4
* Marks all incidents in NEW status as resolved_security_testing
AUTO RESOLVE
OFF
Every 5 minutes, automatically resolve NEW incidents that have 5 or more alerts
| ID | Status | Severity | Description | Hosts | OS | Alerts | Created | Modified | Actions | |
|---|---|---|---|---|---|---|---|---|---|---|
| #1101 | Other | HIGH | 'Network Connection - 1971152322' along with 5 other issues ... | dwshin | Windows | 6 | 01-09 20:34 | 01-09 21:30 | - | |
| #1102 | Resolved | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | teahee | Windows | 5 | 01-09 21:15 | 01-09 23:30 | - | |
| #1103 | Resolved | HIGH | 'Evasion Technique - 527483761' along with 6 other issues ge... | dwshin | Windows | 7 | 01-09 21:44 | 01-09 22:20 | - | |
| #1104 | Known Issue | HIGH | 'Evasion Technique - 527483761' along with 5 other issues ge... | dwshin | Windows | 6 | 01-09 22:26 | 01-09 22:50 | - | |
| #1105 | resolved_duplicate_incident | HIGH | 'Powershell Activity - 3990759154' along with 5 other issues... | dwshin | Windows | 6 | 01-09 22:54 | 01-09 23:40 | - | |
| #1106 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | teahee | Windows | 6 | 01-09 23:36 | 01-10 00:50 | - | |
| #1107 | False Positive | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | dwshin | Windows | 5 | 01-09 23:43 | 01-10 00:10 | - | |
| #1108 | Resolved | HIGH | 'Credential Gathering Protection - 122198212' along with 6 o... | dwshin | Windows | 7 | 01-10 00:18 | 01-10 00:50 | - | |
| #1109 | Resolved | HIGH | 'File Drop - 3732557733' along with 5 other issues generated... | dwshin | Windows | 6 | 01-10 00:53 | 01-10 01:10 | - | |
| #1110 | Other | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | dwshin | Windows | 5 | 01-10 01:14 | 01-10 01:30 | - | |
| #1111 | Resolved | HIGH | 'File Drop - 3732557733' along with 4 other issues generated... | dwshin | Windows | 5 | 01-10 01:33 | 01-10 02:00 | - | |
| #1112 | Other | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | teahee | Windows | 5 | 01-10 01:39 | 01-10 03:50 | - | |
| #1113 | Resolved | HIGH | 'Malware Activity - 2737417481' along with 4 other issues ge... | dwshin | Windows | 5 | 01-10 02:03 | 01-10 02:30 | - | |
| #1114 | Resolved | HIGH | 'File Drop - 2775215878' along with 5 other issues generated... | dwshin | Windows | 6 | 01-10 02:31 | 01-10 03:00 | - | |
| #1115 | Resolved | HIGH | 'Credential Gathering Protection - 122198212' along with 4 o... | dwshin | Windows | 5 | 01-10 03:06 | 01-10 03:40 | - | |
| #1116 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | dwshin | Windows | 5 | 01-10 03:41 | 01-10 04:10 | - | |
| #1117 | Resolved | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | teahee | Windows | 5 | 01-10 03:51 | 01-10 06:10 | - | |
| #1118 | Known Issue | HIGH | 'Masquerading - 2438700916' along with 4 other issues genera... | dwshin | Windows | 5 | 01-10 04:23 | 01-10 05:00 | - | |
| #1119 | Known Issue | HIGH | 'Script Activity - 3055004603' along with 4 other issues gen... | dwshin | Windows | 5 | 01-10 05:05 | 01-10 05:20 | - | |
| #1120 | Resolved | HIGH | 'Network Connection - 1971152322' along with 4 other issues ... | dwshin | Windows | 5 | 01-10 05:26 | 01-10 06:00 | - | |
| #1121 | Resolved | HIGH | 'Bypass Attempt - 911079455' along with 4 other issues gener... | dwshin | Windows | 5 | 01-10 06:01 | 01-10 06:20 | - | |
| #1122 | Known Issue | HIGH | 'Masquerading - 221297964' along with 4 other issues generat... | dwshin | Windows | 5 | 01-10 06:22 | 01-10 07:00 | - | |
| #1123 | False Positive | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | teahee | Windows | 5 | 01-10 06:57 | 01-10 09:10 | - | |
| #1124 | False Positive | HIGH | 'Powershell Activity - 3083271452' along with 4 other issues... | dwshin | Windows | 5 | 01-10 07:04 | 01-10 07:30 | - | |
| #1125 | Resolved | HIGH | 'Persistency - 456694134' along with 1 other issue generated... | inbridge-ubt-24 | Linux | 2 | 01-10 07:30 | 01-10 07:30 | - | |
| #1126 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | in-bridge-40 | Linux | 2 | 01-10 07:30 | 01-10 07:30 | - | |
| #1127 | Resolved | HIGH | 'Process Injection - 288965039' along with 9 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 10 | 01-10 07:31 | 01-10 08:03 | - | |
| #1128 | Resolved | HIGH | 'Credential Gathering Protection - 510630382' along with 4 o... | dwshin | Windows | 5 | 01-10 07:32 | 01-10 08:10 | - | |
| #1129 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 9 other is... | in-bridge-40, inbridge-42 +1 | Linux | 10 | 01-10 07:32 | 01-10 08:03 | - | |
| #1130 | Resolved | HIGH | 'Process Injection - 288965039' along with 3 other issues ge... | in-bridge-40, inbridge-42 | Linux | 4 | 01-10 07:50 | 01-10 08:03 | - | |
| #1131 | Resolved | HIGH | Suspicious cron job using a base64 payload | inbridge-ubt-24 | Linux | 1 | 01-10 08:02 | 01-10 08:03 | - | |
| #1132 | Resolved | HIGH | 'Process Injection - 288965039' along with 9 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 10 | 01-10 08:05 | 01-10 08:40 | - | |
| #1133 | False Positive | HIGH | 'Evasion Technique - 527483761' along with 7 other issues ge... | dwshin | Windows | 8 | 01-10 08:14 | 01-10 08:40 | - | |
| #1134 | Resolved | HIGH | 'Process Injection - 288965039' along with 7 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 8 | 01-10 08:26 | 01-10 08:40 | - | |
| #1135 | Resolved | HIGH | 'Persistency - 456694134' along with 1 other issue generated... | inbridge-ubt-24 | Linux | 2 | 01-10 08:37 | 01-10 08:40 | - | |
| #1136 | Resolved | HIGH | Shared object injection using LD_PRELOAD on a shell command | inbridge-42 | Linux | 1 | 01-10 08:40 | 01-10 08:40 | - | |
| #1137 | Resolved | HIGH | 'Staged Malware Activity - 4061872954' along with 6 other is... | dwshin | Windows | 7 | 01-10 08:42 | 01-10 09:20 | - | |
| #1138 | Resolved | HIGH | 'Process Injection - 288965039' along with 9 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 10 | 01-10 08:52 | 01-10 09:03 | - | |
| #1139 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | in-bridge-40, inbridge-ubt-24 | Linux | 3 | 01-10 09:00 | 01-10 09:03 | - | |
| #1140 | Resolved | HIGH | 'Persistency - 779040014' along with 1 other issue generated... | inbridge-42 | Linux | 2 | 01-10 09:02 | 01-10 09:03 | - | |
| #1141 | Resolved | HIGH | 'Process Injection - 288965039' along with 13 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 14 | 01-10 09:03 | 01-10 09:21 | - | |
| #1142 | Resolved | MEDIUM | Suspicious executable detected | teahee | Windows | 1 | 01-10 09:21 | 01-10 09:32 | - | |
| #1143 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | in-bridge-40, inbridge-ubt-24 | Linux | 5 | 01-10 09:23 | 01-10 09:32 | - | |
| #1144 | Resolved | HIGH | 'Script Activity - 1023099560' along with 1 other issue gene... | book-r0be6s1nc3 | Windows | 2 | 01-10 09:28 | 01-10 09:32 | - | |
| #1145 | Resolved | HIGH | 'Bypass Attempt - 911079455' along with 1 other issue genera... | dwshin | Windows | 2 | 01-10 09:31 | 01-10 09:32 | - | |
| #1146 | Resolved | MEDIUM | Process action type = execution AND target process cmd = *so... | inbridge-42 | Linux | 1 | 01-10 09:32 | 01-10 09:55 | - | |
| #1147 | resolved_duplicate_incident | HIGH | 'Evasion Technique - 527483761' along with 5 other issues ge... | dwshin | Windows | 6 | 01-10 09:38 | 01-10 10:00 | - | |
| #1148 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 1 other is... | in-bridge-40, inbridge-ubt-24 | Linux | 2 | 01-10 09:42 | 01-10 09:55 | - | |
| #1149 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | in-bridge-40, inbridge-42 | Linux | 3 | 01-10 09:42 | 01-10 09:55 | - | |
| #1150 | Resolved | HIGH | 'Process Injection - 288965039' along with 17 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 18 | 01-10 09:55 | 01-10 10:05 | - |