Unauthorized Root Access

LetsDefend Monitoring Alert

Aug, 30, 2021, 10:11 AM

Event ID: 99

Event Time: Aug, 30, 2021, 10:11 AM

Rule Name: SOC151 - Unauthorized Root Access

Alert Type: Unauthorized Access

MITRE Technique:

T1566 - Initial Access - Phishing,

T1059.004 - Execution - Unix Shell,

T1053.003 - Persistence - Scheduled Task/Job: Cron,

Severity: High

Incident Responder

45305 Catalina ct. Suite 150, Sterling VA 20166