LetsDefend Monitoring Alert

Attempt to Steal Credentials from the Bash History

Sep, 29, 2023, 09:26 AM

Event ID: 188

Event Time: Sep, 29, 2023, 09:26 AM

Rule Name: SOC226 - Attempt to Steal Credentials from the Bash History

Alert Type: Unauthorized Access

MITRE Technique:
T1078 - Initial Access - Valid Accounts
T1552.003 - Credential Access - Unsecured Credentials: Bash History

Severity: High

Incident Responder
