all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SOC131 EventID:67— Reverse TCP Backdoor Detected — letsdefend.io

Add to bookmarks
Sept. 20, 2023, 6:22 p.m. | Enes Adışen

System Weakness - Medium systemweakness.com

SOC131 EventID:67— Reverse TCP Backdoor Detected — letsdefend.io

Let’s start with alert report.

EventID :67
Event Time :Mar, 01, 2021, 03:15 PM
Rule :SOC131 - Reverse TCP Backdoor Detected
Level :Security Analyst
Source Address :172.16.17.14
Source Hostname :MikeComputer
File Name :msi.bat
File Hash :3dc649bc1be6f4881d386e679b7b60c8
File Size :2,12 KB
Device Action :Cleaned

Security Operations Center (SOC) detected a concerning event: EventID 67, indicating the presence of a reverse TCP backdoor. The incident centered around a file named “msi.bat” discovered on a …

action address alert backdoor blue team center cybersecurity event hash incident response letsdefendio msi name operations presence report reverse security size soc start tcp

Visit resource

More from systemweakness.com / System Weakness - Medium

IDOR Attacks Demystified: How They Work and How to Prevent Them 1 day, 6 hours ago | systemweakness.com
attacks business compromise confidentiality +13
How does Single Sign-on (SSO) interact with Active Directory (AD) and Outlook? 1 day, 6 hours ago | systemweakness.com
access active directory applications authentication +15
OSI Model & TCP/IP Comparison 1 day, 6 hours ago | systemweakness.com
access communication deals frameworks +14
First AD home lab 2 days, 2 hours ago | systemweakness.com
access active directory building can +17
3 Steps to protect yourself from Prompt Injection 2 days, 2 hours ago | systemweakness.com
prompt-engineering prompt injection security
Clocky | TryHackMe Write-up 3 days ago | systemweakness.com
ctf ctf-writeup tryhackme tryhackme-walkthrough +1
Bypassing Aquatone’s lack of ability to take screenshots of private websites 3 days ago | systemweakness.com
automation cybersecurity hacking pentesting +1
Tuesday Morning Threat Report: Apr 30, 2024 3 days ago | systemweakness.com
analysis artificial intelligence bad customers +21
Staying Anonymous — Ethical Hacking as a Beginner [09] 3 days ago | systemweakness.com
anonymous beginner communication cybersecurity +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

IT Security Manager

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com

Cybersecurity Service Engineer

@ Motorola Solutions | Singapore, Singapore
View on infosec-jobs.com

Sr Cybersecurity Vulnerability Specialist

@ Health Care Service Corporation | Chicago Illinois HQ (300 E. Randolph Street)
View on infosec-jobs.com

Associate, Info Security (SOC) analyst

@ Evolent | Pune
View on infosec-jobs.com

Public Cloud Development Security and Operations (DevSecOps) Manager

@ Danske Bank | Copenhagen K, Denmark
View on infosec-jobs.com

Cybersecurity Risk Analyst IV

@ Computer Task Group, Inc | United States
View on infosec-jobs.com
View more jobs