SOC134 EventID:81 — Suspicious WMI Activity — letsdefend.io
Aug. 29, 2023, 6:42 p.m. | Enes Adışen
System Weakness - Medium systemweakness.com
In this article we continue where we left off with letsdefend.io alert solutions, with SOC134 EventID:81 — Suspicious WMI Activity.
Let’s take a look at the alert first.
EventID: 81
Event Time: Mar, 15, 2021, 10:57 PM
Rule: SOC134 - Suspicious WMI Activity
Level: Security Analyst
Source Address: 172.16.20.3
Source Hostname: Exchange Server
File Name: lunch.exe
File Hash: f2b7074e1543720a9a98fda660e02688
File Size: 6.66 Mb
Device Action: Cleaned
The alert suggests a potential security …