Credential Stuffing Attempt
Low
Open
ALR-00360 · 2026-07-08T17:26:22Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by Cloud Connector.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
17:26:22
Event ingested by SOC365 Engine
17:26:25
EmilyAI triage started — correlation enrichment
17:26:31
EmilyAI confidence: 90% — escalated to human analyst
17:27:00
Alert assigned to analyst: EmilyAI (auto)
17:28:18
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00009 | 2h ago | Credential Stuffing Attempt | Medium | Escalated | VM-DEV-01 |
| ALR-00232 | 6h ago | DecoyPulse Honeypot Triggered | Low | False Positive | SRV-DC-01 |
| ALR-00475 | 6h ago | Credential Stuffing Attempt | Medium | Resolved | SRV-DC-01 |
| ALR-00379 | 10h ago | Pass-the-Hash Detected | Medium | Escalated | SRV-DC-01 |
| ALR-00488 | 13h ago | Credential Stuffing Attempt | Low | Investigating | WS-PC-003 |