Incident Live 2144 / 2144
마지막 조회: 00:02:32
0개 선택됨
NEW 인시던트
4 개
* NEW 상태 인시던트를 모두 resolved_security_testing 으로 처리합니다
AUTO RESOLVE
OFF
5분마다 NEW 인시던트 중 알럿 5개 이상 자동 리졸브
| ID | Status | Severity | Description | Hosts | OS | Alerts | Created | Modified | Actions | |
|---|---|---|---|---|---|---|---|---|---|---|
| #1844 | Resolved | MEDIUM | 'WildFire Malware' along with 4 other issues generated by XD... | dwshin | Windows | 5 | 01-17 00:07 | 01-17 04:35 | - | |
| #1843 | Resolved | HIGH | 'Process Injection - 288965039' along with 7 other issues ge... | in-bridge-40, inbridge-ubt-24 | Linux | 8 | 01-17 00:03 | 01-17 00:38 | - | |
| #1842 | Resolved | HIGH | 'Persistency - 456694134' along with 5 other issues generate... | in-bridge-40, inbridge-42 | Linux | 6 | 01-17 00:00 | 01-17 00:07 | - | |
| #1841 | Resolved | HIGH | 'Process Injection - 288965039' along with 9 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 10 | 01-17 00:00 | 01-17 00:02 | - | |
| #1840 | Resolved | HIGH | 'Suspicious Disk Modification' along with 6 other issues gen... | book-r0be6s1nc3 | Windows | 7 | 01-16 23:54 | 01-17 00:09 | - | |
| #1839 | Resolved | HIGH | 'File Drop - 3732557733' along with 5 other issues generated... | teahee | Windows | 6 | 01-16 23:52 | 01-17 00:07 | - | |
| #1838 | Resolved | HIGH | 'Process Injection - 288965039' along with 1 other issue gen... | inbridge-42 | Linux | 2 | 01-16 23:45 | 01-16 23:51 | - | |
| #1837 | Resolved | HIGH | 'Script Activity - 3055004603' along with 2 other issues gen... | teahee | Windows | 3 | 01-16 23:26 | 01-16 23:51 | - | |
| #1836 | Resolved | HIGH | 'Persistency - 779040014' along with 3 other issues generate... | in-bridge-40, inbridge-ubt-24 | Linux | 4 | 01-16 23:24 | 01-16 23:51 | - | |
| #1835 | Resolved | HIGH | 'Persistency - 456694134' along with 15 other issues generat... | in-bridge-40, inbridge-42 +1 | Linux | 16 | 01-16 23:24 | 01-16 23:27 | - | |
| #1834 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 6 | 01-16 23:18 | 01-16 23:20 | - | |
| #1833 | Resolved | HIGH | 'File Drop - 3732557733' along with 4 other issues generated... | teahee | Windows | 5 | 01-16 23:00 | 01-16 23:17 | - | |
| #1832 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 6 | 01-16 22:58 | 01-16 23:17 | - | |
| #1831 | Other | HIGH | 'File Drop - 3732557733' along with 6 other issues generated... | teahee | Windows | 7 | 01-16 22:34 | 01-16 22:50 | - | |
| #1830 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 10 other i... | in-bridge-40, inbridge-42 +1 | Linux | 11 | 01-16 22:30 | 01-16 22:31 | - | |
| #1829 | Resolved | HIGH | 'Persistency - 456694134' along with 6 other issues generate... | in-bridge-40, inbridge-42 +1 | Linux | 7 | 01-16 22:30 | 01-16 23:00 | - | |
| #1828 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 1 other is... | inbridge-42 | Linux | 2 | 01-16 22:28 | 01-16 22:29 | - | |
| #1827 | Resolved | HIGH | Shared object injection using LD_PRELOAD on a shell command | in-bridge-40 | Linux | 1 | 01-16 22:28 | 01-16 22:29 | - | |
| #1826 | Resolved | HIGH | 'Persistency - 779040014' along with 8 other issues generate... | in-bridge-40, inbridge-42 +1 | Linux | 9 | 01-16 22:22 | 01-16 22:26 | - | |
| #1825 | Resolved | MEDIUM | Process action type = execution AND target process cmd = *so... | inbridge-ubt-24 | Linux | 1 | 01-16 22:03 | 01-16 22:29 | - | |
| #1824 | Resolved | HIGH | 'Persistency - 456694134' along with 11 other issues generat... | in-bridge-40, inbridge-42 +1 | Linux | 12 | 01-16 22:02 | 01-16 22:11 | - | |
| #1823 | Resolved | HIGH | 'Process Injection - 288965039' along with 4 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 5 | 01-16 21:49 | 01-16 22:01 | - | |
| #1822 | Resolved | HIGH | 'Persistency - 779040014' along with 4 other issues generate... | in-bridge-40, inbridge-ubt-24 | Linux | 5 | 01-16 21:47 | 01-16 22:01 | - | |
| #1821 | Resolved | HIGH | 'Process Injection - 288965039' along with 13 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 14 | 01-16 21:40 | 01-16 21:46 | - | |
| #1820 | Resolved | HIGH | 'Persistency - 456694134' along with 2 other issues generate... | inbridge-ubt-24 | Linux | 3 | 01-16 21:37 | 01-16 21:39 | - | |
| #1819 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 9 other is... | in-bridge-40, inbridge-42 +1 | Linux | 10 | 01-16 21:36 | 01-16 21:39 | - | |
| #1818 | Resolved | HIGH | 'Process Injection - 288965039' along with 8 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 9 | 01-16 21:30 | 01-16 21:36 | - | |
| #1817 | Resolved | HIGH | 'Persistency - 779040014' along with 4 other issues generate... | in-bridge-40, inbridge-42 | Linux | 5 | 01-16 21:18 | 01-16 21:39 | - | |
| #1816 | Resolved | HIGH | 'Impair Defenses - 2363038651' along with 4 other issues gen... | teahee | Windows | 5 | 01-16 21:16 | 01-16 22:21 | - | |
| #1815 | Resolved | HIGH | 'Process Injection - 288965039' along with 16 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 17 | 01-16 21:00 | 01-16 21:20 | - | |
| #1814 | Resolved | HIGH | 'Process Injection - 288965039' along with 15 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 16 | 01-16 20:51 | 01-16 20:55 | - | |
| #1813 | Resolved | HIGH | Remote shell persistency acquired using the crontab mechanis... | inbridge-42 | Linux | 1 | 01-16 20:51 | 01-16 20:51 | - | |
| #1812 | Resolved | HIGH | Process executes an obfuscated command for fetching remote f... | in-bridge-40 | Linux | 1 | 01-16 20:50 | 01-16 20:51 | - | |
| #1811 | Resolved | HIGH | 'Process Injection - 288965039' along with 3 other issues ge... | in-bridge-40, inbridge-ubt-24 | Linux | 4 | 01-16 20:50 | 01-16 20:51 | - | |
| #1810 | Resolved | HIGH | 'Network Connection - 1971152322' along with 7 other issues ... | teahee | Windows | 8 | 01-16 20:49 | 01-16 21:05 | - | |
| #1809 | Resolved | CRITICAL | 'CVE-2023-45853 vulnerability in zlib at /symantec_manager' ... | - | - | 6 | 01-16 20:35 | 01-16 20:40 | - | |
| #1808 | Other | CRITICAL | 'CVE-2021-24112 vulnerability in system.drawing.common at /s... | - | - | 6 | 01-16 20:35 | 01-16 20:40 | - | |
| #1807 | Resolved | HIGH | 'Process Injection - 288965039' along with 17 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 18 | 01-16 20:30 | 01-16 20:50 | - | |
| #1806 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 4 other is... | in-bridge-40, inbridge-42 | Linux | 5 | 01-16 20:11 | 01-16 20:50 | - | |
| #1805 | Resolved | HIGH | 'File Drop - 3732557733' along with 4 other issues generated... | teahee | Windows | 5 | 01-16 20:11 | 01-16 20:45 | - | |
| #1804 | Resolved | HIGH | 'Process Injection - 288965039' along with 6 other issues ge... | in-bridge-40, inbridge-ubt-24 | Linux | 7 | 01-16 20:11 | 01-16 20:30 | - | |
| #1803 | Resolved | HIGH | 'Persistency - 779040014' along with 5 other issues generate... | in-bridge-40, inbridge-42 +1 | Linux | 6 | 01-16 20:00 | 01-16 20:05 | - | |
| #1802 | Resolved | HIGH | 'Staged Malware Activity - 2123359011' along with 14 other i... | in-bridge-40, inbridge-42 +1 | Linux | 15 | 01-16 19:59 | 01-16 20:05 | - | |
| #1801 | Resolved | HIGH | 'Process Injection - 288965039' along with 5 other issues ge... | in-bridge-40, inbridge-42 +1 | Linux | 6 | 01-16 19:59 | 01-16 19:59 | - | |
| #1800 | Resolved | MEDIUM | 'WildFire Malware' along with 3 other issues generated by XD... | dwshin | Windows | 4 | 01-16 19:43 | 01-16 23:51 | - | |
| #1799 | Resolved | HIGH | 'File Drop - 3732557733' along with 4 other issues generated... | teahee | Windows | 5 | 01-16 19:38 | 01-16 19:59 | - | |
| #1798 | Resolved | HIGH | 'Process Injection - 288965039' along with 14 other issues g... | in-bridge-40, inbridge-42 +1 | Linux | 15 | 01-16 19:35 | 01-16 19:39 | - | |
| #1797 | Resolved | CRITICAL | 'CVE-2021-24112 vulnerability in system.drawing.common at /s... | - | - | 8 | 01-16 19:33 | 01-16 20:35 | - | |
| #1796 | Resolved | CRITICAL | 'CVE-2023-45853 vulnerability in zlib at /symantec_worker' a... | - | - | 8 | 01-16 19:33 | 01-16 20:35 | - | |
| #1795 | Resolved | HIGH | 'Process Injection - 288965039' along with 2 other issues ge... | inbridge-42, inbridge-ubt-24 | Linux | 3 | 01-16 19:30 | 01-16 19:35 | - |