LetsDefend Monitoring Alert

Network Connection Detected from Unauthorized Port

Sep, 19, 2023, 02:49 PM

Event ID: 185

Event Time: Sep, 19, 2023, 02:49 PM

Rule Name: SOC208 - Network Connection Detected from Unauthorized Port

Alert Type: Unauthorized Access

MITRE Technique:
T1566 - Initial Access - Phishing,
T1059 - Execution - Command and Scripting Interpreter,
T1204.002 - Execution - User Execution: Malicious File,
T1555 - Credential Access - Credentials from Password Stores,
T1539 - Credential Access - Steal Web Session Cookie,
T1489 - Impact - Service Stop,
T1072 - Execution - Software Deployment Tools

Severity: High

Incident Responder
