Incident Live 2144 / 2144
Last viewed: 00:02:42
NEW incidents: 4
* Sets all incidents in NEW status to resolved_security_testing
AUTO RESOLVE: OFF
Every 5 minutes, NEW incidents with 5 or more alerts are automatically resolved
| ID | Status | Severity | Description | Hosts | OS | Alerts | Created | Modified | Actions | |
|---|---|---|---|---|---|---|---|---|---|---|
| #201 | Resolved | HIGH | 'Staged Malware Activity - 2394207323' along with 6 other is... | desktop-fnumv3u | Windows | 7 | 01-03 00:54 | 01-03 01:00 | - | |
| #202 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | desktop-fnumv3u | Windows | 5 | 01-03 01:01 | 01-03 01:10 | - | |
| #203 | False Positive | HIGH | 'Credential Gathering Protection - 3380811775' along with 7 ... | dwshin | Windows | 8 | 01-03 01:07 | 01-03 01:50 | - | |
| #204 | False Positive | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | teahee | Windows | 5 | 01-03 01:21 | 01-03 03:40 | - | |
| #205 | Resolved | HIGH | 'SYNC - Credential Gathering - 1082701410' along with 6 othe... | desktop-fnumv3u | Windows | 7 | 01-03 01:22 | 01-03 02:10 | - | |
| #206 | Resolved | HIGH | 'Script Activity - 3055004603' along with 4 other issues gen... | dwshin | Windows | 5 | 01-03 01:56 | 01-03 02:20 | - | |
| #207 | Known Issue | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | desktop-fnumv3u | Windows | 6 | 01-03 02:18 | 01-03 02:30 | - | |
| #208 | resolved_duplicate_incident | HIGH | 'File Drop - 2775215878' along with 7 other issues generated... | dwshin | Windows | 8 | 01-03 02:23 | 01-03 03:00 | - | |
| #209 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 7 other is... | inbridge-42 | Linux | 8 | 01-03 02:30 | 01-03 03:40 | - | |
| #210 | Resolved | HIGH | 'Command-line arguments match Mimikatz execution' along with... | desktop-fnumv3u | Windows | 5 | 01-03 02:32 | 01-03 02:40 | - | |
| #211 | Other | HIGH | 'Regsvr32 may have run code from an untrusted source' along ... | desktop-fnumv3u | Windows | 5 | 01-03 02:42 | 01-03 02:50 | - | |
| #212 | Resolved | HIGH | 'Powershell Activity - 3083271452' along with 4 other issues... | desktop-fnumv3u | Windows | 5 | 01-03 02:50 | 01-03 03:20 | - | |
| #213 | resolved_duplicate_incident | HIGH | 'Credential Gathering Protection - 122198212' along with 5 o... | dwshin | Windows | 6 | 01-03 03:06 | 01-03 03:40 | - | |
| #214 | Other | HIGH | 'Command-line arguments match Mimikatz execution' along with... | desktop-fnumv3u | Windows | 8 | 01-03 03:21 | 01-03 03:30 | - | |
| #215 | Resolved | HIGH | 'File Drop - 1815185192' along with 6 other issues generated... | desktop-fnumv3u | Windows | 7 | 01-03 03:30 | 01-03 03:50 | - | |
| #216 | Resolved | HIGH | 'File Drop - 3732557733' along with 4 other issues generated... | dwshin | Windows | 5 | 01-03 03:41 | 01-03 04:00 | - | |
| #217 | Resolved | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | teahee | Windows | 5 | 01-03 03:48 | 01-03 06:00 | - | |
| #218 | Resolved | HIGH | 'Command-line arguments match Mimikatz execution' along with... | desktop-fnumv3u | Windows | 8 | 01-03 03:55 | 01-03 04:10 | - | |
| #219 | False Positive | HIGH | 'File Drop - 2775215878' along with 5 other issues generated... | dwshin | Windows | 6 | 01-03 04:02 | 01-03 04:30 | - | |
| #220 | Other | HIGH | 'Possible LSASS memory dump' along with 7 other issues gener... | desktop-fnumv3u | Windows | 8 | 01-03 04:10 | 01-03 04:30 | - | |
| #221 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 7 other is... | inbridge-42 | Linux | 8 | 01-03 04:30 | 01-03 08:32 | - | |
| #222 | Known Issue | HIGH | 'File Drop - 3732557733' along with 5 other issues generated... | dwshin | Windows | 6 | 01-03 04:30 | 01-03 05:00 | - | |
| #223 | Resolved | HIGH | 'Evasion Technique - 527483761' along with 7 other issues ge... | desktop-fnumv3u | Windows | 8 | 01-03 04:31 | 01-03 04:50 | - | |
| #224 | Other | HIGH | 'File Drop - 3732557733' along with 4 other issues generated... | desktop-fnumv3u | Windows | 5 | 01-03 04:52 | 01-03 05:00 | - | |
| #225 | Resolved | HIGH | 'Powershell Activity - 3083271452' along with 4 other issues... | desktop-fnumv3u | Windows | 5 | 01-03 05:00 | 01-03 05:20 | - | |
| #226 | Resolved | HIGH | 'Credential Gathering Protection - 3380811775' along with 4 ... | dwshin | Windows | 5 | 01-03 05:05 | 01-03 05:30 | - | |
| #227 | Resolved | HIGH | 'Command-line arguments match Mimikatz execution' along with... | desktop-fnumv3u | Windows | 7 | 01-03 05:20 | 01-03 05:30 | - | |
| #228 | Resolved | HIGH | 'Regsvr32 may have run code from an untrusted source' along ... | desktop-fnumv3u, dwshin | Windows | 8 | 01-03 05:39 | 01-03 05:50 | - | |
| #229 | Resolved | HIGH | 'Protection Against Security Measures Bypass Techniques - 19... | dwshin | Windows | 6 | 01-03 05:40 | 01-03 06:10 | - | |
| #230 | Resolved | HIGH | 'Command-line arguments match Mimikatz execution' along with... | desktop-fnumv3u | Windows | 6 | 01-03 05:52 | 01-03 06:00 | - | |
| #231 | Resolved | HIGH | 'Regsvr32 may have run code from an untrusted source' along ... | desktop-fnumv3u | Windows | 6 | 01-03 06:02 | 01-03 06:10 | - | |
| #232 | Resolved | HIGH | 'Persistency - 1983659418' along with 4 other issues generat... | desktop-fnumv3u | Windows | 5 | 01-03 06:17 | 01-03 06:30 | - | |
| #233 | False Positive | HIGH | 'Credential Gathering Protection - 122198212' along with 5 o... | dwshin | Windows | 6 | 01-03 06:22 | 01-03 06:40 | - | |
| #234 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 7 other is... | inbridge-42 | Linux | 8 | 01-03 06:30 | 01-03 08:32 | - | |
| #235 | resolved_duplicate_incident | HIGH | 'File Drop - 1815185192' along with 4 other issues generated... | desktop-fnumv3u | Windows | 5 | 01-03 06:30 | 01-03 06:50 | - | |
| #236 | False Positive | HIGH | 'Powershell Activity - 3990759154' along with 4 other issues... | dwshin | Windows | 5 | 01-03 06:43 | 01-03 07:10 | - | |
| #237 | False Positive | MEDIUM | 'WildFire Malware' along with 5 other issues generated by XD... | teahee | Windows | 6 | 01-03 06:51 | 01-03 09:10 | - | |
| #238 | Resolved | HIGH | 'Regsvr32 may have run code from an untrusted source' along ... | desktop-fnumv3u | Windows | 10 | 01-03 06:51 | 01-03 07:20 | - | |
| #239 | resolved_duplicate_incident | HIGH | 'File Drop - 1815185192' along with 4 other issues generated... | dwshin | Windows | 5 | 01-03 07:12 | 01-03 07:50 | - | |
| #240 | resolved_duplicate_incident | HIGH | 'Impair Defenses - 2363038651' along with 9 other issues gen... | desktop-fnumv3u | Windows | 10 | 01-03 07:23 | 01-03 07:40 | - | |
| #241 | Known Issue | HIGH | 'Credential Gathering Protection - 122198212' along with 4 o... | desktop-fnumv3u | Windows | 5 | 01-03 07:40 | 01-03 08:00 | - | |
| #242 | resolved_duplicate_incident | HIGH | 'File Drop - 3732557733' along with 4 other issues generated... | dwshin | Windows | 5 | 01-03 07:53 | 01-03 08:10 | - | |
| #243 | Resolved | HIGH | 'Evasion Technique - 527483761' along with 6 other issues ge... | desktop-fnumv3u | Windows | 7 | 01-03 08:01 | 01-03 08:20 | - | |
| #244 | Other | HIGH | 'Script Engine Activity - 3247043810' along with 4 other iss... | dwshin | Windows | 5 | 01-03 08:20 | 01-03 09:00 | - | |
| #245 | Resolved | HIGH | 'Script Activity - 3055004603' along with 5 other issues gen... | desktop-fnumv3u | Windows | 6 | 01-03 08:28 | 01-03 08:50 | - | |
| #246 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 3 other is... | inbridge-42 | Linux | 4 | 01-03 08:30 | 01-03 08:32 | - | |
| #247 | False Positive | HIGH | 'Evasion Technique - 527483761' along with 4 other issues ge... | desktop-fnumv3u | Windows | 5 | 01-03 09:00 | 01-03 09:20 | - | |
| #248 | resolved_duplicate_incident | HIGH | 'Network Connection - 1971152322' along with 4 other issues ... | dwshin | Windows | 5 | 01-03 09:10 | 01-03 09:40 | - | |
| #249 | Other | HIGH | 'Credential Gathering Protection - 122198212' along with 6 o... | desktop-fnumv3u | Windows | 7 | 01-03 09:25 | 01-03 10:10 | - | |
| #250 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 7 other is... | inbridge-42 | Linux | 8 | 01-03 09:30 | 01-03 10:40 | - |