Possible Reverse Shell Detected

LetsDefend Monitoring Alert

May, 04, 2023, 07:59 AM

Event ID: 144

Event Time: May, 04, 2023, 07:59 AM

Rule Name: SOC194 - Possible Reverse Shell Detected

Alert Type: Unauthorized Access

MITRE Technique:

T1137 - Persistence - Office Application Startup,

Severity: Critical

Incident Responder

45305 Catalina ct. Suite 150, Sterling VA 20166