LetsDefend Monitoring Alert

Spring4Shell Activity

Mar, 31, 2022, 03:09 PM

Event ID: 121

Event Time: Mar, 31, 2022, 03:09 PM

Rule Name: SOC171 - Spring4Shell Activity

Alert Type: Generic

MITRE Technique:
T1595 - Discovery - Active Scanning,
T1059 - Execution - Command and Scripting Interpreter,
T1071 - Collection - Data from Local System,
T1003 - Credential Access - OS Credential Dumping,
T1190 - Initial Access - Exploit Public-Facing Application,
T1041 - Exfiltration - Exfiltration Over C2 Channel

Severity: High
