LetsDefend Monitoring Alert
Data Leakage
Jul, 04, 2023, 02:10 PM
Event ID: 164
Event Time: Jul, 04, 2023, 02:10 PM
Rule Name: SOC212 - Data Leakage - Mega Exfiltration
Alert Type: Data Leakage
MITRE Technique:
T1566 - Initial Access - Phishing,
T1059.001 - Execution - Command and Scripting Interpreter: PowerShell,
T1059 - Execution - Command and Scripting Interpreter,
T1119 - Collection - Automated Collection,
T1566.001 - Initial Access - Phishing: Spearphishing Attachment,
T1567 - Exfiltration - Exfiltration Over Web Service,
T1560 - Collection - Archive Collected Data,
T1005 - Collection - Data from Local System
Severity: High
Incident Responder