all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Emotet alert on SIEM ! | Closed as false positive ?! | Are we being tricked ? |

Add to bookmarks
April 2, 2022, 10:37 a.m. | /u/Agent_B99

cybersecurity www.reddit.com

Hello, so I caught an alert on a SIEM with the title "Succesful malicious connection " .

Source IP was ok but Destination IP was flagged as malicious by 17 vendors on VirusTotal although SpamHause got no results as malicious.

The Virustotal community talked about Emotet and RCE so I reported the alert to my superiors.

They closed it after 1 hour as a false positive with the comment that " destination IP is a religious site in Serbia " …

alert cybersecurity emotet false positive siem

Visit resource

More from www.reddit.com / cybersecurity

Top cybersecurity stories for the week of 04-15-24 to 04-19-24 2 hours ago | www.reddit.com
ciso cyber cyber security cybersecurity +8
Cyberattack Takes Frontier Communications Offline 5 hours ago | www.reddit.com
com communications cyberattack cybersecurity +2
Antivirus: Essential tool or outdated tech for Cyber Pros? 6 hours ago | www.reddit.com
antivirus antivirus software community cyber +18
Update on previous post “best security practices in gaming development” 7 hours ago | www.reddit.com
can ciso cybersecurity engine +10
Should I be learning Cybersecurity on my primary machine? 17 hours ago | www.reddit.com
accounting auditor cybersecurity free +7
QSA Says we Can't Provide Public WiFi 19 hours ago | www.reddit.com
campus can cybersecurity event +13
Chinese Government Poses 'Bold and Unrelenting' Threat to U.S. Critical Infrastructure, FBI Director Says | … 19 hours ago | www.reddit.com
bureau chinese chinese government critical +10
What is best practice to prevent man in the middle compromising emails? 21 hours ago | www.reddit.com
attack best practice caught cybersecurity +13
High School English Teacher to Cybersecurity Engineer - A How-to Guide 21 hours ago | www.reddit.com
cybersecurity engineer guide high +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Engineer, Incident Response

@ Databricks | Remote - Netherlands
View on infosec-jobs.com

Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)

@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
View on infosec-jobs.com

Data Security Architect

@ Accenture Federal Services | Washington, DC
View on infosec-jobs.com

Identity Security Administrator

@ SailPoint | Pune, India
View on infosec-jobs.com
View more jobs