LetsDefend Monitoring Alert
Phishing Mail Detected
Sep, 26, 2023, 08:30 AM
Event ID: 186
Event Time: Sep, 26, 2023, 08:30 AM
Rule Name: SOC140 - Phishing Mail Detected - Suspicious Task Scheduler
Alert Type: Exchange
MITRE Technique:
T1053.005 - Persistence - Scheduled Task,
T1204.002 - Execution - User Execution: Malicious File,
T1566.002 - Initial Access - Phishing: Spearphishing Link,
T1102 - Command and Control - Web Service,
Severity: Medium
Incident Responder