LetsDefend Monitoring Alert
Network Connection Detected from Unauthorized Port
Jun, 15, 2023, 09:02 AM
Event ID: 159
Event Time: Jun, 15, 2023, 09:02 AM
Rule Name: SOC208 - Network Connection Detected from Unauthorized Port
Alert Type: Malware
MITRE Technique:
T1566 - Initial Access - Phishing,
T1071 - Command and Control - Application Layer Protocol,
T1204.002 - Execution - User Execution: Malicious File,
T1114 - Collection - Email Collection
Severity: High
Incident Responder