LetsDefend Monitoring Alert
Possible Zero Day Exploit Detected(CVE-2023-36884)
Jul, 18, 2023, 01:07 PM
Event ID: 168
Event Time: Jul, 18, 2023, 01:07 PM
Rule Name: SOC215 - Possible Zero Day Exploit Detected(CVE-2023-36884)
Alert Type: Malware
MITRE Technique:
T1071 - Command and Control - Application Layer Protocol,
T1203 - Execution - Exploitation for Client Execution,
T1204.002 - Execution - User Execution: Malicious File,
T1566.001 - Initial Access - Phishing: Spearphishing Attachment
Real World Example: Microsoft: Unpatched Office Zero-day Exploited in NATO Summit Attacks
Severity: High
Incident Responder