Incidents - XDR Test Manager

By Severity

By Status

Top Affected Hosts

MITRE Techniques

Daily Incidents (Last 7 Days)

Daily Alerts (Last 7 Days)

Hourly Distribution

All Incidents

ID	Severity	Status	Description	Hosts	MITRE	Alerts	Created	Modified
#42	HIGH	resolved security testing	Certutil.exe downloads a suspicious file	desktop-fnumv3u	T1140 T1102.002	1	01-01 13:54	01-01 14:03
#41	HIGH	resolved security testing	'Process Injection - 288965039' along with 11...	inbridge-42	T1053.003 T1055	12	01-01 13:54	01-01 14:03
#40	HIGH	resolved security testing	'Process Injection - 288965039' along with 11...	in-bridge-40	T1055	12	01-01 13:53	01-01 14:03
#39	HIGH	resolved security testing	'Persistency - 779040014' along with 21 other...	inbridge-ubt-24	T1053.003 T1055	22	01-01 13:53	01-01 14:03
#38	HIGH	resolved security testing	'Protection Against Security Measures Bypass ...	book-r0be6s1nc3	T1059 T1003.002 +4	11	01-01 09:11	01-01 13:53
#37	HIGH	resolved security testing	'Malware Activity - 2737417481' along with 56...	dwshin	T1059 T1562.004 +14	57	01-01 09:07	01-01 13:53
#36	HIGH	resolved security testing	'Command-line arguments match Mimikatz execut...	desktop-fnumv3u	T1059 T1216 +13	68	01-01 09:01	01-01 13:52
#35	HIGH	resolved security testing	'File Drop - 2775215878' along with 7 other i...	dwshin	T1059 T1218.005 +3	8	01-01 09:00	01-01 09:04
#34	HIGH	resolved security testing	'Staged Malware Activity - 2123359011' along ...	inbridge-42	T1059.004	2	01-01 08:58	01-01 08:59
#33	HIGH	resolved security testing	'Protection Against Security Measures Bypass ...	desktop-fnumv3u	T1003 T1059 +2	4	01-01 08:53	01-01 09:00
#32	HIGH	resolved security testing	'Protection Against Security Measures Bypass ...	dwshin	T1059 T1562.001 +2	3	01-01 08:50	01-01 08:54
#31	HIGH	resolved security testing	'Persistency - 779040014' along with 1 other ...	inbridge-42	T1053.003 T1055	2	01-01 08:26	01-01 08:57
#30	HIGH	resolved security testing	'Persistency - 779040014' along with 3 other ...	in-bridge-40	T1053.003 T1059.004 +1	4	01-01 08:26	01-01 09:00
#29	HIGH	resolved security testing	'Persistency - 779040014' along with 2 other ...	inbridge-ubt-24	T1053.003 T1055	3	01-01 08:26	01-01 08:58
#28	HIGH	resolved security testing	'Powershell Activity - 3083271452' along with...	desktop-fnumv3u	T1059 T1055 +12	25	01-01 07:29	01-01 08:54
#27	HIGH	resolved security testing	'Network Connection - 1971152322' along with ...	book-r0be6s1nc3	T1546.007 T1003.002 +3	6	01-01 07:27	01-01 08:48
#26	HIGH	resolved security testing	'WildFire Malware' along with 16 other issues...	dwshin	T1059 T1003.002 +4	17	01-01 07:21	01-01 08:47
#25	HIGH	resolved security testing	'Regsvr32 may have run code from an untrusted...	desktop-fnumv3u	T1059 T1071.001 +3	5	01-01 07:18	01-01 07:22
#24	HIGH	resolved security testing	'File Drop - 3732557733' along with 2 other i...	dwshin	T1140 T1102.002	3	01-01 07:15	01-01 07:19
#23	HIGH	resolved security testing	'Malware Activity - 1320008962' along with 5 ...	dwshin	T1003.002 T1071.001 +3	6	01-01 07:02	01-01 07:14
#22	HIGH	resolved security testing	'File Drop - 1815185192' along with 6 other i...	desktop-fnumv3u	T1055 T1003.002 +4	7	01-01 06:57	01-01 07:19
#21	HIGH	resolved security testing	'Process Injection - 288965039' along with 3 ...	inbridge-ubt-24	T1053.003 T1055	4	01-01 06:56	01-01 07:15
#20	HIGH	resolved security testing	'Network Connection - 1971152322' along with ...	book-r0be6s1nc3	T1071.001 T1218.007 +2	5	01-01 06:48	01-01 07:15
#19	HIGH	resolved security testing	'Protection Against Security Measures Bypass ...	desktop-fnumv3u	T1059 T1003 +4	6	01-01 06:47	01-01 06:57
#18	HIGH	resolved security testing	'Script Activity - 3810243403' along with 3 o...	dwshin	T1053.005 T1564.004	4	01-01 06:39	01-01 06:46
#17	HIGH	resolved security testing	'Protection Against Security Measures Bypass ...	book-r0be6s1nc3 desktop-fnumv3u	T1059 T1546.007 +4	14	01-01 06:22	01-01 06:45
#16	HIGH	resolved security testing	'Masquerading - 221297964' along with 15 othe...	desktop-fnumv3u	T1059 T1218.005 +10	16	01-01 06:19	01-01 06:47
#15	HIGH	resolved security testing	'Network Connection - 1971152322' along with ...	book-r0be6s1nc3	T1059 T1071.001 +3	3	01-01 06:09	01-01 06:16
#14	MEDIUM	resolved security testing	Suspicious executable detected	book-r0be6s1nc3	-	1	01-01 06:04	01-01 06:08
#13	CRITICAL	resolved security testing	In order to decrypt SM2 encrypted data an app...	-	-	1	12-31 14:01	01-01 14:31
#12	CRITICAL	resolved security testing	BZ2_decompress in decompress.c in bzip2 throu...	-	-	1	12-31 14:01	01-01 14:31
#11	CRITICAL	resolved security testing	The use of `Module._load()` can bypass the po...	-	-	1	12-31 14:01	01-01 14:31
#10	CRITICAL	resolved security testing	Git is a revision control system. Prior to ve...	-	-	1	12-31 14:01	01-01 14:31
#9	CRITICAL	resolved security testing	Git is distributed revision control system. `...	-	-	1	12-31 14:00	01-01 14:31
#8	CRITICAL	resolved security testing	NET, .NET Framework, and Visual Studio Securi...	-	-	1	12-31 14:00	01-01 14:31
#7	CRITICAL	resolved security testing	Git is distributed revision control system. g...	-	-	1	12-31 14:00	01-01 14:31
#6	CRITICAL	resolved security testing	'CVE-2024-54534 vulnerability in Java Runtime...	-	-	2	12-31 14:00	01-01 14:31
#5	CRITICAL	resolved security testing	'CVE-2024-47606 vulnerability in Java Runtime...	-	-	2	12-31 14:00	01-01 14:31
#4	CRITICAL	resolved security testing	'CVE-2025-55315 vulnerability in Microsoft Vi...	-	-	7	12-31 13:59	01-01 14:31
#3	HIGH	resolved security testing	'Script Engine Activity - 2431936258' along w...	book-r0be6s1nc3	T1059 T1059.001	233	12-30 16:28	01-01 05:34
#2	HIGH	resolved security testing	'File Drop - 3732557733' along with 36 other ...	book-r0be6s1nc3 desktop-fnumv3u	T1059 T1098 +15	37	12-30 16:21	01-01 05:51
#1	CRITICAL	resolved security testing	'CVE-2024-24790 vulnerability in net/netip at...	-	-	3	12-30 16:00	01-01 05:46

Showing 42 of 2142 filtered (2142 total) Last refresh: 2026-01-20 21:19:40

20 21 22

Incidents 2142 total / 2142 filtered