LetsDefend Monitoring Alert

"Guest" User was Enabled

May, 26, 2023, 07:03 AM

Event ID: 152

Event Time: May, 26, 2023, 07:03 AM

Rule Name: SOC201 - "Guest" User was Enabled

Alert Type: Malware

MITRE Technique:
T1078 - Persistence - Valid Accounts,
T1078 - Privilege Escalation - Valid Accounts,
T1204.002 - Execution - User Execution: Malicious File,
T1566.001 - Initial Access - Phishing: Spearphishing Attachment,

Severity: Medium

Incident Responder

2024 © LetsDefend

45305 Catalina ct. Suite 150, Sterling VA 20166