Alerts
Filters
Custom Alerts
Triaged Alerts
the application taskhost.exe attempted a network connection to a scanning host (172.16.12.110). (42)
mimecast: ip found in rbl (17)
xmrig cryptominer activity (16)
xmrig miner activity (14)
possible xmrig cryptocurrency miner 2 (11)
cpu/gpu miner network traffic (10)
microsoft risk detection:anonymous ip address (10)
xmrig cryptocurrency miner network activity (7)
scwx 49107 vid19615 python base64-encoded remote code execution attempt (possible metasploit payload) (6)
a process launched that shares characteristics with a cryptocurrency miner. if this is unexpected, review the process tree. (5)
anonymous ip address (5)
bitsadmin file transfer (4)
bitsadmin file transfer 2 (4)
detected suspected stolen user credential for user voicemail@smithscogwheels.com (4)
scwx 51654 vid54842 cryptocurrency stratum mining pool login detected (aup - cryptomining) (4)
scwx 56533 vid54842 xmrig cryptocurrency miner mining pool login detected (aup - cryptomining) (4)
file and directory discovery - powershell searching for files (3)
research: identified potential hands-on-keyboard activity. research code: m (3)
cryptocurrency:ec2/bitcointool.b (3)
Taegis Watchlist (93)
CB Cloud Endpoint (46)
Email Watchlist (19)
NIDS Watchlist (18)
AWS GuardDuty Alert (13)
microsoft:ipc (10)
CrowdStrike v2 (7)
Microsoft Defender for Endpoint (5)
Tactic Graphs™ Detector (4)
Antivirus Watchlist (4)
Stolen Credentials (4)
Hands On Keyboard (3)
Password Spray Detector (2)
Impossible Travel (2)
SentinelOne Threat (2)
Open (141)
Not Actionable (55)
True Positive Malicious (19)
Suppressed (17)
endpoint_carbon_black_psc (59)
endpoint_crowd_strike (33)
endpoint_sentinelone (25)
corelight (24)
endpoint_microsoft_atp (23)
mimecast (19)
amazon guardduty (13)
azure risk detection (10)
microsoft_graph_alerts (10)
endpoint_taegis (7)
endpoint_redcloak (6)
taegisngav (4)
microsoft_office_management (4)
microsoft_graph_sign_in (3)
microsoft_windows_snare (2)
brandon.perry (23)
sci\valorie.hopkins (20)
sci\tom.wall (16)
voicemail@smithscogwheels.com (16)
acd3c6c6-1ac9-4d36-b70f-3ce15da9450a (15)
sci\takahashi.hiroki (9)
voicemail (5)
guest (4)
winserv-db\administrator (4)
nt authority\network service (3)
winserv-dc$ (2)
admin (2)
administrator (2)
alex (2)
asus (2)
backup (2)
boss (2)
buh (2)
ftp (2)
fusex\exchange2013 (44)
pcus0382 (38)
pcnl0009 (30)
sro-ki04.sci.local (23)
sci\sro-ki02 (17)
sra-dc01 (12)
fusex\win2012-dc (4)
winserv-db (4)
pcmx1092 (4)
pcmx0024 (3)
winserv-dc (2)
pcus0790 (1)
t1496 (73)
t1218.005 (22)
t1053 (17)
t1036 (15)
t1197 (15)
t1048 (14)
t1105 (14)
t1059.005 (10)
t1306 (10)
t1078 (8)
t1543.003 (8)
t1071 (7)
t1623 (5)
t1190 (4)
t1059 (4)
t1083 (3)
t1059.001 (3)
t1119 (3)
t1046 (3)
232 of 232 alerts
THREAT SCORE | SENSOR TYPE | DETECTOR NAME | CREATED AT
9.9 | ENDPOINT_SENTINELONE | Taegis Watchlist | 2024/03/15 13:13:30 UTC
9.9 | ENDPOINT_SENTINELONE | Taegis Watchlist | 2024/03/15 13:13:30 UTC
9.9 | ENDPOINT_MICROSOFT_ATP | Taegis Watchlist | 2024/03/15 13:14:53 UTC
9.9 | ENDPOINT_MICROSOFT_ATP | Taegis Watchlist | 2024/03/15 13:14:53 UTC
9.9 | ENDPOINT_CROWD_STRIKE | Taegis Watchlist | 2024/03/15 13:18:40 UTC
9.9 | ENDPOINT_CROWD_STRIKE | Taegis Watchlist | 2024/03/15 13:18:40 UTC
8.0 | Amazon GuardDuty | AWS GuardDuty Alert | 2024/03/14 20:01:53 UTC
8.0 | Amazon GuardDuty | AWS GuardDuty Alert | 2024/03/15 13:16:42 UTC
8.0 | Amazon GuardDuty | AWS GuardDuty Alert | 2024/03/15 16:17:50 UTC
8.0 | Amazon GuardDuty | AWS GuardDuty Alert | 2024/03/15 16:57:52 UTC
7.5 | ENDPOINT_CROWD_STRIKE | Taegis Watchlist | 2024/03/15 13:13:14 UTC
7.5 | ENDPOINT_CARBON_BLACK_PSC | Taegis Watchlist | 2024/03/15 15:37:07 UTC
7.5 | ENDPOINT_CARBON_BLACK_PSC | Taegis Watchlist | 2024/03/15 15:39:06 UTC
7.5 | ENDPOINT_CROWD_STRIKE | Taegis Watchlist | 2024/03/15 16:12:33 UTC
7.5 | ENDPOINT_REDCLOAK | Taegis Watchlist | 2024/03/17 12:57:26 UTC
7.5 | ENDPOINT_REDCLOAK | Taegis Watchlist | 2024/03/17 12:57:26 UTC
7.0 | Azure Risk Detection | Azure Active Directory Identity Protection | 2024/03/15 14:10:37 UTC
7.0 | Azure Risk Detection | Azure Active Directory Identity Protection | 2024/03/15 14:14:02 UTC
7.0 | Azure Risk Detection | Azure Active Directory Identity Protection | 2024/03/15 14:16:11 UTC
7.0 | ENDPOINT_SENTINELONE | SentinelOne Threat | 2024/03/15 13:07:01 UTC
7.0 | ENDPOINT_SENTINELONE | SentinelOne Threat | 2024/03/19 02:39:36 UTC
6.9 | ENDPOINT_REDCLOAK | Taegis Watchlist | 2024/03/24 12:58:17 UTC
6.9 | ENDPOINT_REDCLOAK | Taegis Watchlist | 2024/03/24 12:58:17 UTC
6.0 | ENDPOINT_CROWD_STRIKE | CrowdStrike v2 | 2024/03/15 13:18:56 UTC
6.0 | ENDPOINT_CROWD_STRIKE | CrowdStrike v2 | 2024/03/15 13:18:56 UTC
6.0 | ENDPOINT_MICROSOFT_ATP | Microsoft Defender for Endpoint | 2024/03/15 14:13:00 UTC
6.0 | ENDPOINT_MICROSOFT_ATP | Microsoft Defender for Endpoint | 2024/03/15 14:13:00 UTC
6.0 | ENDPOINT_MICROSOFT_ATP | Microsoft Defender for Endpoint | 2024/03/15 14:16:02 UTC
5.0 | ENDPOINT_CARBON_BLACK_PSC | CB Cloud Endpoint | 2024/03/15 16:48:35 UTC
5.0 | ENDPOINT_SENTINELONE | Taegis Watchlist | 2024/03/15 13:13:30 UTC
5.0 | ENDPOINT_SENTINELONE | Taegis Watchlist | 2024/03/15 13:13:30 UTC
5.0 | ENDPOINT_SENTINELONE | Taegis Watchlist | 2024/03/15 13:13:30 UTC
5.0 | ENDPOINT_SENTINELONE | Taegis Watchlist | 2024/03/15 13:13:30 UTC
5.0 | ENDPOINT_SENTINELONE | Taegis Watchlist | 2024/03/15 13:13:30 UTC
9.9 | ENDPOINT_CROWD_STRIKE | Taegis Watchlist | 2024/03/15 13:13:14 UTC