SOC131 EventID:67— Reverse TCP Backdoor Detected — letsdefend.io
Sept. 20, 2023, 6:22 p.m. | Enes Adışen
System Weakness - Medium systemweakness.com
Let’s start with the alert report.
EventID: 67
Event Time: Mar, 01, 2021, 03:15 PM
Rule: SOC131 - Reverse TCP Backdoor Detected
Level: Security Analyst
Source Address: 172.16.17.14
Source Hostname: MikeComputer
File Name: msi.bat
File Hash: 3dc649bc1be6f4881d386e679b7b60c8
File Size: 2,12 KB
Device Action: Cleaned
The Security Operations Center (SOC) detected a concerning event: EventID 67, indicating the presence of a reverse TCP backdoor. The incident centered around a file named “msi.bat” discovered on a …