LetsDefend Monitoring Alert

Suspicious Web Requests Detected on Proxy

Nov, 28, 2023, 09:57 AM

Event ID: 205

Event Time: Nov, 28, 2023, 09:57 AM

Rule Name: SOC243 - Suspicious Web Requests Detected on Proxy

Alert Type: C2

MITRE Technique:
T1041 - Exfiltration - Exfiltration Over C2 Channel
T1204.002 - Execution - User Execution: Malicious File
T1189 - Initial Access - Drive-by Compromise
T1008 - Command and Control - Fallback Channels

Severity: Medium

Incident Responder
