LetsDefend Monitoring Alert
ZeroFont Phishing Detected
Oct, 13, 2023, 07:02 AM
Event ID: 190
Event Time: Oct, 13, 2023, 07:02 AM
Rule Name: SOC228 - ZeroFont Phishing Detected
Alert Type: Exchange
MITRE Technique:
T1566 - Initial Access - Phishing,
T1204 - Execution - User Execution,
T1204.002 - Execution - User Execution: Malicious File,
T1566.001 - Initial Access - Phishing: Spearphishing Attachment,
T1027 - Defense Evasion - Obfuscated Files or Information,
T1566.002 - Initial Access - Phishing: Spearphishing Link,
Severity: High
Incident Responder