LetsDefend Monitoring Alert

RDP Brute Force Detected

Mar, 07, 2024, 11:44 AM

Event ID: 234

Event Time: Mar, 07, 2024, 11:44 AM

Rule Name: SOC176 - RDP Brute Force Detected

Alert Type: Brute Force

MITRE Technique:
T1059 - Execution - Command and Scripting Interpreter,
T1110 - Credential Access - Brute Force,
T1087 - Discovery - Account Discovery,
T1078 - Initial Access - Valid Accounts,
T1078.002 - Initial Access - Valid Accounts: Domain Accounts,
T1059.003 - Execution - Command and Scripting Interpreter: Windows Command Shell

Severity: Medium
