LetsDefend Monitoring Alert

Possible Data Exfiltration Detected

Jul, 07, 2023, 11:48 AM

Event ID: 165

Event Time: Jul, 07, 2023, 11:48 AM

Rule Name: SOC213 - Possible Data Exfiltration Detected

Alert Type: Data Leakage

MITRE Technique:
T1059.001 - Execution - Command and Scripting Interpreter: PowerShell
T1110 - Credential Access - Brute Force
T1041 - Exfiltration - Exfiltration Over C2 Channel
T1115 - Collection - Clipboard Data

Severity: Critical

Incident Responder
