Incident Live 2146 / 2146
Last fetched: 09:20:47
NEW incidents: 4
* Resolves all incidents in NEW status as resolved_security_testing
AUTO RESOLVE: OFF
Every 5 minutes, automatically resolves NEW incidents that have 5 or more alerts
| ID | Status | Severity | Description | Hosts | OS | Alerts | Created | Modified | Actions | |
|---|---|---|---|---|---|---|---|---|---|---|
| #1301 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | inbridge-42, inbridge-ubt-24 | Linux | 5 | 01-11 23:07 | 01-11 23:09 | - | |
| #1302 | Resolved | HIGH | 'Persistency - 779040014' along with 1 other issue generated... | inbridge-ubt-24 | Linux | 2 | 01-11 23:08 | 01-11 23:17 | - | |
| #1303 | Resolved | HIGH | 'Persistency - 1983659418' along with 1 other issue generate... | dwshin | Windows | 2 | 01-11 23:11 | 01-11 23:17 | - | |
| #1304 | Resolved | HIGH | 'Persistency - 779040014' along with 4 other issues generate... | in-bridge-40, inbridge-42 | Linux | 5 | 01-11 23:18 | 01-11 23:30 | - | |
| #1305 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 10 other i... | in-bridge-40, inbridge-42 +1 | Linux | 11 | 01-11 23:30 | 01-11 23:35 | - | |
| #1306 | Resolved | CRITICAL | 'CVE-2023-45853 vulnerability in zlib at /symantec_testmanag... | - | - | 227 | 01-11 23:30 | 01-11 23:35 | - | |
| #1307 | Resolved | CRITICAL | 'CVE-2021-24112 vulnerability in system.drawing.common at /s... | - | - | 29 | 01-11 23:30 | 01-11 23:35 | - | |
| #1308 | Resolved | CRITICAL | 'CVE-2023-45853 vulnerability in zlib at /symantec_testmanag... | - | - | 120 | 01-11 23:35 | 01-11 23:36 | - | |
| #1309 | Resolved | CRITICAL | 'CVE-2021-24112 vulnerability in system.drawing.common at /s... | - | - | 25 | 01-11 23:35 | 01-11 23:36 | - | |
| #1310 | Resolved | HIGH | Remote shell persistency acquired using the crontab mechanis... | inbridge-ubt-24 | Linux | 1 | 01-11 23:36 | 01-11 23:36 | - | |
| #1311 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | in-bridge-40 | Linux | 2 | 01-11 23:36 | 01-11 23:36 | - | |
| #1312 | Resolved | CRITICAL | 'CVE-2023-45853 vulnerability in zlib at /symantec_testmanag... | - | - | 228 | 01-11 23:36 | 01-11 23:40 | - | |
| #1313 | Resolved | CRITICAL | 'CVE-2021-24112 vulnerability in system.drawing.common at /s... | - | - | 12 | 01-11 23:36 | 01-11 23:40 | - | |
| #1314 | Resolved | HIGH | 'Powershell Activity - 3990759154' along with 4 other issues... | dwshin | Windows | 5 | 01-11 23:40 | 01-11 23:55 | - | |
| #1315 | Resolved | CRITICAL | 'CVE-2023-45853 vulnerability in zlib at /symantec_testmanag... | - | - | 7 | 01-11 23:41 | 01-12 00:05 | - | |
| #1316 | Resolved | HIGH | 'Powershell Activity - 3990759154' along with 4 other issues... | book-r0be6s1nc3, teahee | Windows | 5 | 01-11 23:44 | 01-12 00:51 | - | |
| #1317 | Resolved | HIGH | 'Persistency - 456694134' along with 5 other issues generate... | in-bridge-40, inbridge-ubt-24 | Linux | 6 | 01-11 23:48 | 01-11 23:50 | - | |
| #1318 | Resolved | HIGH | 'Process Injection - 288965039' along with 8 other issues ge... | in-bridge-40, inbridge-ubt-24 | Linux | 9 | 01-11 23:57 | 01-12 00:00 | - | |
| #1319 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 5 other is... | inbridge-42 | Linux | 6 | 01-11 23:57 | 01-12 00:20 | - | |
| #1320 | Resolved | CRITICAL | 'CVE-2021-24112 vulnerability in system.drawing.common at do... | - | - | 6 | 01-12 00:00 | 01-12 00:05 | - | |
| #1321 | Resolved | HIGH | 'File Drop - 2775215878' along with 4 other issues generated... | dwshin | Windows | 5 | 01-12 00:01 | 01-12 00:15 | - | |
| #1322 | Resolved | HIGH | 'Powershell Activity - 3990759154' along with 2 other issues... | teahee | Windows | 3 | 01-12 00:08 | 01-12 01:06 | - | |
| #1323 | Resolved | HIGH | 'Network Connection - 1971152322' along with 4 other issues ... | dwshin | Windows | 5 | 01-12 00:16 | 01-12 00:40 | - | |
| #1324 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | inbridge-42, inbridge-ubt-24 | Linux | 6 | 01-12 00:22 | 01-12 00:27 | - | |
| #1325 | Resolved | HIGH | Suspicious cron job using a base64 payload | inbridge-ubt-24 | Linux | 1 | 01-12 00:22 | 01-12 00:27 | - | |
| #1326 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 2 other is... | in-bridge-40, inbridge-42 | Linux | 3 | 01-12 00:25 | 01-12 00:27 | - | |
| #1327 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | in-bridge-40, inbridge-ubt-24 | Linux | 5 | 01-12 00:30 | 01-12 00:31 | - | |
| #1328 | Resolved | CRITICAL | 'CVE-2023-45853 vulnerability in zlib at /symantec_testmanag... | - | - | 5 | 01-12 00:30 | 01-12 00:31 | - | |
| #1329 | Resolved | CRITICAL | 'CVE-2021-24112 vulnerability in system.drawing.common at /s... | - | - | 172 | 01-12 00:30 | 01-12 00:36 | - | |
| #1330 | Resolved | CRITICAL | 'CVE-2023-45853 vulnerability in zlib at /symantec_testmanag... | - | - | 242 | 01-12 00:31 | 01-12 00:36 | - | |
| #1331 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 13 other i... | in-bridge-40, inbridge-42 +1 | Linux | 14 | 01-12 00:32 | 01-12 00:51 | - | |
| #1332 | Resolved | HIGH | 'Process Injection - 288965039' along with 12 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 13 | 01-12 00:33 | 01-12 00:36 | - | |
| #1333 | Resolved | CRITICAL | 'CVE-2021-24112 vulnerability in system.drawing.common at /s... | - | - | 212 | 01-12 00:36 | 01-12 00:41 | - | |
| #1334 | Resolved | CRITICAL | 'CVE-2023-45853 vulnerability in zlib at /symantec_testmanag... | - | - | 391 | 01-12 00:36 | 01-12 00:46 | - | |
| #1335 | Resolved | CRITICAL | 'CVE-2021-24112 vulnerability in system.drawing.common at /s... | - | - | 38 | 01-12 00:41 | 01-12 00:46 | - | |
| #1336 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | dwshin | Windows | 5 | 01-12 00:42 | 01-12 01:06 | - | |
| #1337 | Resolved | HIGH | 'Persistency - 456694134' along with 4 other issues generate... | in-bridge-40, inbridge-ubt-24 | Linux | 5 | 01-12 00:48 | 01-12 00:50 | - | |
| #1338 | Resolved | HIGH | 'Persistency - 779040014' along with 15 other issues generat... | in-bridge-40, inbridge-42 +1 | Linux | 16 | 01-12 00:51 | 01-12 00:56 | - | |
| #1339 | Resolved | HIGH | 'Process Injection - 288965039' along with 6 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 7 | 01-12 01:05 | 01-12 01:06 | - | |
| #1340 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 6 | 01-12 01:08 | 01-12 01:23 | - | |
| #1341 | Resolved | HIGH | 'Persistency - 456694134' along with 5 other issues generate... | in-bridge-40, inbridge-42 | Linux | 6 | 01-12 01:08 | 01-12 01:20 | - | |
| #1342 | Resolved | HIGH | 'File Drop - 3732557733' along with 5 other issues generated... | teahee | Windows | 6 | 01-12 01:11 | 01-12 02:02 | - | |
| #1343 | Other | HIGH | 'Staged Malware Activity - 4061872954' along with 5 other is... | dwshin | Windows | 6 | 01-12 01:18 | 01-12 01:50 | - | |
| #1344 | Resolved | HIGH | Process executes an obfuscated command for fetching remote f... | inbridge-42 | Linux | 1 | 01-12 01:19 | 01-12 01:23 | - | |
| #1345 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | in-bridge-40, inbridge-42 | Linux | 2 | 01-12 01:20 | 01-12 01:23 | - | |
| #1346 | Resolved | HIGH | 'Persistency - 779040014' along with 5 other issues generate... | in-bridge-40, inbridge-ubt-24 | Linux | 6 | 01-12 01:47 | 01-12 02:02 | - | |
| #1347 | Resolved | HIGH | 'Process Injection - 288965039' along with 7 other issues ge... | in-bridge-40, inbridge-42 | Linux | 8 | 01-12 01:47 | 01-12 01:52 | - | |
| #1348 | Resolved | HIGH | 'File Drop - 1815185192' along with 4 other issues generated... | dwshin | Windows | 5 | 01-12 01:53 | 01-12 02:17 | - | |
| #1349 | Resolved | MEDIUM | 'WildFire Malware' along with 1 other issue generated by XDR... | book-r0be6s1nc3 | Windows | 2 | 01-12 01:56 | 01-12 03:20 | - | |
| #1350 | Resolved | MEDIUM | 'WildFire Malware' along with 2 other issues generated by XD... | teahee | Windows | 3 | 01-12 02:14 | 01-12 03:20 | - | |