LetsDefend Monitoring Alert

Unauthorized user created a new user

Dec, 29, 2023, 08:36 AM

Event ID: 215

Event Time: Dec, 29, 2023, 08:36 AM

Rule Name: SOC252 - Unauthorized user created a new user

Alert Type: Unauthorized Access

MITRE Technique:
T1110 - Credential Access - Brute Force,
T1133 - Initial Access - External Remote Services,
T1136 - Persistence - Create Account,
T1595 - Reconnaissance - Active Scanning,
T1592 - Reconnaissance - Gather Victim Host Information,
T1059.004 - Execution - Command and Scripting Interpreter: Unix Shell,

Severity: Medium

Incident Responder

2025 © LetsDefend

45305 Catalina ct. Suite 150, Sterling VA 20166