Incident Live 2146 / 2146
마지막 조회: 06:44:32
0개 선택됨
NEW 인시던트
4 개
* NEW 상태 인시던트를 모두 resolved_security_testing 으로 처리합니다
AUTO RESOLVE
OFF
5분마다 NEW 인시던트 중 알럿 5개 이상 자동 리졸브
| ID | Status | Severity | Description | Hosts | OS | Alerts | Created | Modified | Actions | |
|---|---|---|---|---|---|---|---|---|---|---|
| #1501 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 5 | 01-13 18:42 | 01-13 19:25 | - | |
| #1502 | Resolved | HIGH | 'File Drop - 2775215878' along with 5 other issues generated... | dwshin | Windows | 6 | 01-13 18:43 | 01-13 19:14 | - | |
| #1503 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40, inbridge-ubt-24 | Linux | 6 | 01-13 18:48 | 01-13 18:59 | - | |
| #1504 | Resolved | HIGH | 'Persistency - 779040014' along with 5 other issues generate... | in-bridge-40, inbridge-ubt-24 | Linux | 6 | 01-13 19:00 | 01-13 19:35 | - | |
| #1505 | Resolved | HIGH | 'Script Activity - 3055004603' along with 4 other issues gen... | dwshin | Windows | 5 | 01-13 19:18 | 01-13 19:55 | - | |
| #1506 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | inbridge-42 | Linux | 5 | 01-13 19:34 | 01-13 19:40 | - | |
| #1507 | Resolved | HIGH | 'Process Injection - 288965039' along with 7 other issues ge... | in-bridge-40, inbridge-42 | Linux | 8 | 01-13 19:41 | 01-13 20:03 | - | |
| #1508 | Resolved | HIGH | Process executes an obfuscated command for fetching remote f... | inbridge-42 | Linux | 1 | 01-13 19:43 | 01-13 20:03 | - | |
| #1509 | Resolved | HIGH | 'Persistency - 779040014' along with 1 other issue generated... | inbridge-ubt-24 | Linux | 2 | 01-13 20:00 | 01-13 20:03 | - | |
| #1510 | Other | HIGH | 'File Drop - 3732557733' along with 5 other issues generated... | dwshin | Windows | 6 | 01-13 20:00 | 01-13 21:00 | - | |
| #1511 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40, inbridge-42 | Linux | 6 | 01-13 20:02 | 01-13 20:02 | - | |
| #1512 | Resolved | HIGH | 'Process Injection - 288965039' along with 14 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 15 | 01-13 20:03 | 01-13 20:05 | - | |
| #1513 | Resolved | HIGH | 'Persistency - 779040014' along with 9 other issues generate... | in-bridge-40, inbridge-42 +1 | Linux | 10 | 01-13 20:03 | 01-13 20:35 | - | |
| #1514 | Resolved | HIGH | 'Process Injection - 288965039' along with 9 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 10 | 01-13 20:06 | 01-13 20:30 | - | |
| #1515 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 4 other is... | inbridge-42, inbridge-ubt-24 | Linux | 5 | 01-13 20:33 | 01-13 20:53 | - | |
| #1516 | Resolved | HIGH | 'Process Injection - 288965039' along with 7 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 8 | 01-13 20:37 | 01-13 20:40 | - | |
| #1517 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 4 other is... | inbridge-42, inbridge-ubt-24 | Linux | 5 | 01-13 20:44 | 01-13 20:53 | - | |
| #1518 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | in-bridge-40, inbridge-42 | Linux | 3 | 01-13 20:53 | 01-13 20:53 | - | |
| #1519 | Resolved | HIGH | 'Persistency - 779040014' along with 7 other issues generate... | in-bridge-40, inbridge-42 +1 | Linux | 8 | 01-13 20:54 | 01-13 21:01 | - | |
| #1520 | Resolved | HIGH | 'Process Injection - 288965039' along with 11 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 12 | 01-13 21:00 | 01-13 21:06 | - | |
| #1521 | Resolved | MEDIUM | 'Perl script connecting to network' along with 1 other issue... | in-bridge-40 | Linux | 2 | 01-13 21:10 | 01-13 22:05 | - | |
| #1522 | Resolved | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | teahee | Windows | 5 | 01-13 21:17 | 01-13 23:27 | - | |
| #1523 | Resolved | HIGH | 'File Drop - 1815185192' along with 5 other issues generated... | dwshin | Windows | 6 | 01-13 21:19 | 01-13 22:30 | - | |
| #1524 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 5 | 01-13 21:30 | 01-13 21:31 | - | |
| #1525 | Resolved | HIGH | 'Process Injection - 288965039' along with 8 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 9 | 01-13 21:31 | 01-13 21:36 | - | |
| #1526 | Resolved | HIGH | 'Process Injection - 288965039' along with 7 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 8 | 01-13 21:37 | 01-13 22:05 | - | |
| #1527 | Resolved | HIGH | 'Process Injection - 288965039' along with 3 other issues ge... | in-bridge-40, inbridge-ubt-24 | Linux | 4 | 01-13 21:48 | 01-13 22:05 | - | |
| #1528 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | inbridge-42, inbridge-ubt-24 | Linux | 6 | 01-13 22:07 | 01-13 22:20 | - | |
| #1529 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 5 other is... | in-bridge-40, inbridge-42 | Linux | 6 | 01-13 22:18 | 01-13 22:30 | - | |
| #1530 | Resolved | HIGH | 'Persistency - 456694134' along with 8 other issues generate... | in-bridge-40, inbridge-42 +1 | Linux | 9 | 01-13 22:25 | 01-13 22:31 | - | |
| #1531 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 7 other is... | in-bridge-40, inbridge-42 | Linux | 8 | 01-13 22:30 | 01-13 22:36 | - | |
| #1532 | Resolved | HIGH | Remote shell persistency acquired using the crontab mechanis... | inbridge-ubt-24 | Linux | 1 | 01-13 22:34 | 01-13 22:40 | - | |
| #1533 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | dwshin | Windows | 5 | 01-13 22:34 | 01-13 22:57 | - | |
| #1534 | Resolved | HIGH | Shared object injection using LD_PRELOAD on a shell command | inbridge-42 | Linux | 1 | 01-13 22:38 | 01-13 22:40 | - | |
| #1535 | Resolved | MEDIUM | Process action type = execution AND target process cmd = *so... | in-bridge-40 | Linux | 1 | 01-13 22:39 | 01-13 22:40 | - | |
| #1536 | Resolved | HIGH | 'Persistency - 456694134' along with 18 other issues generat... | in-bridge-40, inbridge-42 +1 | Linux | 19 | 01-13 22:41 | 01-13 23:02 | - | |
| #1537 | Resolved | HIGH | 'Network Connection - 1971152322' along with 5 other issues ... | dwshin | Windows | 6 | 01-13 23:02 | 01-13 23:32 | - | |
| #1538 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40, inbridge-42 | Linux | 6 | 01-13 23:28 | 01-13 23:42 | - | |
| #1539 | Resolved | HIGH | 'SYNC - Credential Gathering - 2237270456' along with 4 othe... | teahee | Windows | 5 | 01-13 23:31 | 01-14 01:33 | - | |
| #1540 | Resolved | HIGH | 'File Drop - 1815185192' along with 5 other issues generated... | dwshin | Windows | 6 | 01-13 23:37 | 01-14 00:07 | - | |
| #1541 | Resolved | HIGH | 'Persistency - 779040014' along with 5 other issues generate... | inbridge-42, inbridge-ubt-24 | Linux | 6 | 01-13 23:39 | 01-13 23:52 | - | |
| #1542 | Resolved | HIGH | 'Persistency - 779040014' along with 4 other issues generate... | in-bridge-40, inbridge-42 +1 | Linux | 5 | 01-14 00:00 | 01-14 00:02 | - | |
| #1543 | Resolved | HIGH | 'Persistency - 779040014' along with 7 other issues generate... | in-bridge-40, inbridge-42 +1 | Linux | 8 | 01-14 00:05 | 01-14 01:03 | - | |
| #1544 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | in-bridge-40, inbridge-ubt-24 | Linux | 5 | 01-14 00:17 | 01-14 00:17 | - | |
| #1545 | Resolved | HIGH | 'File Drop - 1815185192' along with 4 other issues generated... | dwshin | Windows | 5 | 01-14 00:19 | 01-14 00:38 | - | |
| #1546 | Resolved | HIGH | 'File Drop - 3732557733' along with 4 other issues generated... | dwshin | Windows | 5 | 01-14 00:40 | 01-14 01:18 | - | |
| #1547 | Resolved | HIGH | 'Process Injection - 288965039' along with 15 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 16 | 01-14 01:05 | 01-14 20:10 | - | |
| #1548 | Resolved | HIGH | 'Persistency - 456694134' along with 5 other issues generate... | inbridge-ubt-24 | Linux | 6 | 01-14 01:07 | 01-14 01:08 | - | |
| #1549 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | dwshin | Windows | 5 | 01-14 01:36 | 01-14 01:53 | - | |
| #1550 | Resolved | HIGH | 'Powershell Activity - 3083271452' along with 4 other issues... | teahee | Windows | 5 | 01-14 01:36 | 01-14 02:49 | - |