Credential Stuffing Attempt
Low
Investigating
ALR-00463 · 2026-07-05T15:53:30Z
Description
Credential stuffing attack detected against VPN gateway. 234 unique username/password combinations attempted. Flagged by Dark Web Monitor.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
15:53:30
Event ingested by SOC365 Engine
15:53:34
EmilyAI triage started — correlation enrichment
15:53:40
EmilyAI confidence: 80% — escalated to human analyst
15:54:10
Alert assigned to analyst: EmilyAI (auto)
15:56:21
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00124 | 8h ago | Ransomware Behaviour Detected | Critical | Escalated | WS-LAP-011 |
| ALR-00419 | 10h ago | Unusual Outbound Traffic | Low | Investigating | WS-LAP-011 |
| ALR-00320 | 11h ago | C2 Beacon Activity | Medium | Investigating | WS-LAP-011 |
| ALR-00121 | 15h ago | Rogue DHCP Server | High | Open | WS-LAP-011 |
| ALR-00001 | 17h ago | Lateral Movement Detected | High | Open | WS-LAP-011 |