LetsDefend Monitoring Alert

Possible Zero Day Exploit Detected(CVE-2023-36884)

Jul, 18, 2023, 01:07 PM

Event ID: 168

Event Time: Jul, 18, 2023, 01:07 PM

Rule Name: SOC215 - Possible Zero Day Exploit Detected(CVE-2023-36884)

Alert Type: Malware

MITRE Technique:
T1071 - Command and Control - Application Layer Protocol,
T1203 - Execution - Exploitation for Client Execution,
T1204.002 - Execution - User Execution: Malicious File,
T1566.001 - Initial Access - Phishing: Spearphishing Attachment

Real World Example: Microsoft: Unpatched Office Zero-day Exploited in NATO Summit Attacks

Severity: High

Incident Responder
