Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 18:03:35 UTC

Credential Stuffing Attempt

Medium Open
ALR-00174 · 2026-05-21T14:41:38Z

Description

Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by DLP Module.

Alert Metadata

Alert ID: ALR-00174
Timestamp: 2026-05-21T14:41:38Z
Severity: Medium
Status: Open
Detection Source: DLP Module
Assigned Analyst: Anika Patel

Endpoint Information

Hostname: WS-PC-006
User Account: e.evans
Source IP: 185.59.220.108
Destination IP: 10.0.125.33
Origin Country: VN Vietnam

MITRE ATT&CK Mapping

Tactic: Credential Access
Technique: T1110.004
Reference: attack.mitre.org/techniques/T1110.004

Investigation Timeline

14:41:38 Event ingested by SOC365 Engine
14:41:41 EmilyAI triage started — correlation enrichment
14:41:53 EmilyAI confidence: 88% — escalated to human analyst
14:42:19 Alert assigned to analyst: Anika Patel
14:43:14 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID | Time | Alert | Severity | Status | Host
ALR-00168 | 3h ago | Credential Stuffing Attempt | Medium | Escalated | SRV-MAIL-01
ALR-00472 | 4h ago | Certificate Anomaly | Low | False Positive | WS-PC-006
ALR-00474 | 7h ago | Privilege Escalation Attempt | Medium | Investigating | WS-PC-006
ALR-00341 | 16h ago | Rogue DHCP Server | Medium | Escalated | WS-PC-006
ALR-00095 | 23h ago | Port Scan Detected | Medium | Resolved | WS-PC-006