LetsDefend Monitoring Alert

Possible SSH Backdoor Detected

May, 05, 2023, 06:46 AM

Event ID: 143

Event Time: May, 05, 2023, 06:46 AM

Rule Name: SOC193 - Possible SSH Backdoor Detected

Alert Type: Unauthorized Access

MITRE Technique:
T1098 - Persistence - Account Manipulation,
T1098.004 - Persistence - SSH Authorized Keys,

Severity: High

Incident Responder

2023 © LetsDefend

45305 Catalina ct. Suite 150, Sterling VA 20166