LetsDefend Monitoring Alert
Possible SSH Backdoor Detected
May, 05, 2023, 06:46 AM
Event ID: 143
Event Time: May, 05, 2023, 06:46 AM
Rule Name: SOC193 - Possible SSH Backdoor Detected
Alert Type: Unauthorized Access
MITRE Technique:
T1098 - Persistence - Account Manipulation,
T1098.004 - Persistence - SSH Authorized Keys,
Severity: High
Incident Responder