Medium Alerts
100 alerts
| ID | Timestamp | Alert Type | Severity | Status | Source | Hostname | User | Origin | Analyst | MITRE |
|---|---|---|---|---|---|---|---|---|---|---|
| ALR-00065 | 5m ago | Suspicious Scheduled Task | Medium | Investigating | DLP Module | SRV-FILE-01 | l.johnson | NL Netherlands | Emma Richardson | T1053.005 |
| ALR-00005 | 1h ago | Suspicious PowerShell Execution | Medium | False Positive | DecoyPulse | WS-MAC-005 | r.davies | RO Romania | Anika Patel | T1059.001 |
| ALR-00267 | 3h ago | Kerberoasting Attempt | Medium | False Positive | Email Gateway | SRV-APP-01 | l.johnson | DE Germany | Sarah Chen | T1558.003 |
| ALR-00078 | 4h ago | Certificate Anomaly | Medium | Resolved | Firewall | SRV-SQL-01 | p.thomas | VN Vietnam | Anika Patel | T1553.004 |
| ALR-00070 | 4h ago | Pass-the-Hash Detected | Medium | Open | DLP Module | WS-PC-004 | p.thomas | DE Germany | Sarah Chen | T1550.002 |
| ALR-00155 | 5h ago | Suspicious Scheduled Task | Medium | Investigating | Network IDS | WS-PC-002 | s.jones | DE Germany | Marcus Webb | T1053.005 |
| ALR-00076 | 5h ago | Unauthorised USB Device | Medium | False Positive | Firewall | SRV-APP-01 | p.thomas | IR Iran | Anika Patel | T1091 |
| ALR-00204 | 7h ago | Insider Threat Indicator | Medium | Open | Email Gateway | WS-MAC-005 | k.brown | IN India | James Okonkwo | T1119 |
| ALR-00145 | 7h ago | Port Scan Detected | Medium | Open | Attack Surface Scanner | WS-LAP-012 | l.johnson | BR Brazil | Sarah Chen | T1046 |
| ALR-00026 | 10h ago | Insider Threat Indicator | Medium | Open | SOC365 Engine | SRV-FILE-01 | c.williams | VN Vietnam | James Okonkwo | T1119 |
| ALR-00248 | 13h ago | Brute Force SSH | Medium | False Positive | Network IDS | SRV-BACKUP-01 | f.hall | US United States | Marcus Webb | T1110.001 |
| ALR-00191 | 16h ago | Port Scan Detected | Medium | Resolved | Dark Web Monitor | AP-WIFI-03 | p.thomas | KP North Korea | Marcus Webb | T1046 |
| ALR-00275 | 16h ago | Ransomware Behaviour Detected | Medium | Escalated | Cloud Connector | SRV-BACKUP-01 | f.hall | RU Russia | Sarah Chen | T1486 |
| ALR-00059 | 16h ago | DecoyPulse Honeypot Triggered | Medium | Investigating | Firewall | SW-CORE-01 | system | RO Romania | Sarah Chen | T1018 |
| ALR-00286 | 18h ago | Rogue DHCP Server | Medium | Escalated | Firewall | AP-WIFI-03 | p.thomas | UA Ukraine | Marcus Webb | T1557.003 |
| ALR-00173 | 19h ago | Credential Stuffing Attempt | Medium | Escalated | Firewall | WS-PC-002 | a.wilson | CN China | Anika Patel | T1110.004 |
| ALR-00008 | 21h ago | Privilege Escalation Attempt | Medium | Resolved | DecoyPulse | AP-WIFI-03 | p.thomas | US United States | Emma Richardson | T1134 |
| ALR-00236 | 23h ago | Tor Exit Node Connection | Medium | Escalated | DecoyPulse | WS-PC-004 | system | BR Brazil | Marcus Webb | T1090.003 |
| ALR-00115 | 1d ago | Insider Threat Indicator | Medium | Escalated | Dark Web Monitor | VM-DEV-01 | f.hall | KP North Korea | Emma Richardson | T1119 |
| ALR-00249 | 1d ago | C2 Beacon Activity | Medium | Resolved | Email Gateway | WS-PC-006 | k.brown | US United States | Sarah Chen | T1071.001 |
| ALR-00151 | 1d ago | Anomalous DNS Query | Medium | Open | DecoyPulse | VM-DEV-01 | l.johnson | UA Ukraine | Sarah Chen | T1568.002 |
| ALR-00112 | 1d ago | Pass-the-Hash Detected | Medium | Investigating | DecoyPulse | SRV-WEB-01 | k.brown | KP North Korea | James Okonkwo | T1550.002 |
| ALR-00147 | 1d ago | DLP Policy Violation | Medium | Escalated | Attack Surface Scanner | AP-WIFI-03 | m.taylor | KP North Korea | Marcus Webb | T1048 |
| ALR-00219 | 1d ago | Failed MFA Challenge | Medium | Resolved | SOC365 Engine | VM-DEV-01 | m.taylor | FR France | Marcus Webb | T1621 |
| ALR-00188 | 1d ago | Certificate Anomaly | Medium | Escalated | Email Gateway | WS-PC-003 | a.wilson | IN India | Emma Richardson | T1553.004 |
| ALR-00122 | 1d ago | DecoyPulse Honeypot Triggered | Medium | Resolved | Attack Surface Scanner | WS-PC-004 | c.williams | KP North Korea | Marcus Webb | T1018 |
| ALR-00011 | 1d ago | Data Exfiltration Attempt | Medium | False Positive | Email Gateway | WS-PC-002 | h.roberts | IN India | Sarah Chen | T1567.002 |
| ALR-00084 | 1d ago | Tor Exit Node Connection | Medium | False Positive | Endpoint Agent | SRV-WEB-01 | system | CN China | Marcus Webb | T1090.003 |
| ALR-00038 | 1d ago | Insider Threat Indicator | Medium | Investigating | Attack Surface Scanner | FW-EDGE-01 | r.davies | CN China | James Okonkwo | T1119 |
| ALR-00105 | 1d ago | Credential Stuffing Attempt | Medium | Escalated | Dark Web Monitor | WS-LAP-012 | p.thomas | RO Romania | Emma Richardson | T1110.004 |
| ALR-00072 | 1d ago | Rogue DHCP Server | Medium | Investigating | Email Gateway | WS-LAP-012 | e.evans | UA Ukraine | James Okonkwo | T1557.003 |
| ALR-00229 | 1d ago | C2 Beacon Activity | Medium | Escalated | SOC365 Engine | SRV-SQL-01 | l.johnson | CN China | Anika Patel | T1071.001 |
| ALR-00063 | 1d ago | Insider Threat Indicator | Medium | Resolved | DecoyPulse | AP-WIFI-03 | p.thomas | KP North Korea | Anika Patel | T1119 |
| ALR-00329 | 1d ago | Credential Stuffing Attempt | Medium | Resolved | Attack Surface Scanner | WS-LAP-010 | l.johnson | RO Romania | Marcus Webb | T1110.004 |
| ALR-00060 | 2d ago | Unusual Outbound Traffic | Medium | Resolved | Cloud Connector | SRV-BACKUP-01 | e.evans | GB United Kingdom | James Okonkwo | T1041 |
| ALR-00339 | 2d ago | Kerberoasting Attempt | Medium | Escalated | EmilyAI Triage | WS-PC-006 | n.clark | CN China | Sarah Chen | T1558.003 |
| ALR-00270 | 2d ago | C2 Beacon Activity | Medium | Resolved | Attack Surface Scanner | WS-PC-003 | j.smith | NL Netherlands | James Okonkwo | T1071.001 |
| ALR-00087 | 2d ago | Suspicious Scheduled Task | Medium | Open | Email Gateway | SRV-WEB-01 | d.walker | VN Vietnam | Anika Patel | T1053.005 |
| ALR-00010 | 2d ago | Port Scan Detected | Medium | Resolved | SOC365 Engine | WS-PC-002 | a.wilson | VN Vietnam | Emma Richardson | T1046 |
| ALR-00243 | 2d ago | Failed MFA Challenge | Medium | Resolved | SOC365 Engine | WS-PC-004 | c.williams | KP North Korea | Anika Patel | T1621 |
| ALR-00091 | 2d ago | Shadow IT Discovery | Medium | Open | EmilyAI Triage | SRV-DC-01 | j.smith | VN Vietnam | James Okonkwo | T1567 |
| ALR-00090 | 2d ago | Suspicious Scheduled Task | Medium | Open | Cloud Connector | SRV-DC-01 | c.williams | US United States | Anika Patel | T1053.005 |
| ALR-00203 | 2d ago | Privilege Escalation Attempt | Medium | Investigating | EmilyAI Triage | SRV-SQL-01 | j.smith | RO Romania | Sarah Chen | T1134 |
| ALR-00051 | 3d ago | Pass-the-Hash Detected | Medium | False Positive | Attack Surface Scanner | SRV-BACKUP-01 | d.walker | VN Vietnam | James Okonkwo | T1550.002 |
| ALR-00113 | 3d ago | Shadow IT Discovery | Medium | Escalated | Cloud Connector | WS-PC-001 | n.clark | BR Brazil | Marcus Webb | T1567 |
| ALR-00176 | 3d ago | Lateral Movement Detected | Medium | Open | DecoyPulse | SRV-DC-01 | k.brown | UA Ukraine | Sarah Chen | T1021.002 |
| ALR-00096 | 3d ago | Kerberoasting Attempt | Medium | Investigating | SOC365 Engine | AP-WIFI-03 | r.davies | DE Germany | Emma Richardson | T1558.003 |
| ALR-00330 | 3d ago | Brute Force SSH | Medium | Investigating | Endpoint Agent | WS-PC-004 | c.williams | US United States | Sarah Chen | T1110.001 |
| ALR-00142 | 3d ago | Anomalous DNS Query | Medium | False Positive | EmilyAI Triage | AP-WIFI-03 | r.davies | RO Romania | Anika Patel | T1568.002 |
| ALR-00034 | 3d ago | Data Exfiltration Attempt | Medium | Escalated | SOC365 Engine | SRV-SQL-01 | e.evans | KP North Korea | Emma Richardson | T1567.002 |
| ALR-00207 | 3d ago | Shadow IT Discovery | Medium | Escalated | Attack Surface Scanner | SW-CORE-01 | d.walker | RO Romania | Emma Richardson | T1567 |
| ALR-00172 | 3d ago | Unauthorised USB Device | Medium | Open | Attack Surface Scanner | SRV-BACKUP-01 | j.smith | DE Germany | James Okonkwo | T1091 |
| ALR-00036 | 3d ago | Certificate Anomaly | Medium | Escalated | Attack Surface Scanner | SRV-WEB-01 | n.clark | RU Russia | Anika Patel | T1553.004 |
| ALR-00107 | 3d ago | Malware Signature Match | Medium | False Positive | Cloud Connector | SRV-MAIL-01 | j.smith | RO Romania | James Okonkwo | T1204.002 |
| ALR-00042 | 3d ago | Rogue DHCP Server | Medium | Open | Endpoint Agent | SRV-SQL-01 | f.hall | UA Ukraine | Sarah Chen | T1557.003 |
| ALR-00106 | 3d ago | Tor Exit Node Connection | Medium | Open | Attack Surface Scanner | SRV-DC-01 | j.smith | GB United Kingdom | Anika Patel | T1090.003 |
| ALR-00205 | 3d ago | Rogue DHCP Server | Medium | Open | Firewall | WS-PC-003 | j.smith | BR Brazil | Anika Patel | T1557.003 |
| ALR-00257 | 3d ago | Credential Stuffing Attempt | Medium | Escalated | EmilyAI Triage | WS-LAP-011 | j.smith | CN China | Sarah Chen | T1110.004 |
| ALR-00098 | 3d ago | Anomalous DNS Query | Medium | Escalated | EmilyAI Triage | WS-PC-004 | a.wilson | IN India | Marcus Webb | T1568.002 |
| ALR-00032 | 3d ago | Shadow IT Discovery | Medium | Escalated | Endpoint Agent | AP-WIFI-03 | c.williams | US United States | Emma Richardson | T1567 |
| ALR-00031 | 3d ago | Shadow IT Discovery | Medium | Escalated | Firewall | WS-PC-002 | e.evans | DE Germany | Sarah Chen | T1567 |
| ALR-00181 | 4d ago | Failed MFA Challenge | Medium | Resolved | Email Gateway | WS-PC-001 | m.taylor | KP North Korea | James Okonkwo | T1621 |
| ALR-00225 | 4d ago | DecoyPulse Honeypot Triggered | Medium | False Positive | Firewall | WS-PC-004 | system | RO Romania | Anika Patel | T1018 |
| ALR-00164 | 4d ago | Rogue DHCP Server | Medium | Escalated | SOC365 Engine | SRV-DC-01 | r.davies | RO Romania | Sarah Chen | T1557.003 |
| ALR-00029 | 4d ago | Tor Exit Node Connection | Medium | False Positive | Cloud Connector | SRV-BACKUP-01 | l.johnson | US United States | James Okonkwo | T1090.003 |
| ALR-00290 | 4d ago | Kerberoasting Attempt | Medium | Escalated | EmilyAI Triage | SRV-WEB-01 | m.taylor | US United States | James Okonkwo | T1558.003 |
| ALR-00192 | 4d ago | Rogue DHCP Server | Medium | Open | SOC365 Engine | WS-LAP-011 | d.walker | KP North Korea | Anika Patel | T1557.003 |
| ALR-00094 | 4d ago | Credential Stuffing Attempt | Medium | False Positive | Email Gateway | AP-WIFI-03 | system | DE Germany | Sarah Chen | T1110.004 |
| ALR-00282 | 4d ago | Unusual Outbound Traffic | Medium | False Positive | DecoyPulse | SRV-WEB-01 | j.smith | RU Russia | Sarah Chen | T1041 |
| ALR-00193 | 4d ago | Unusual Outbound Traffic | Medium | Escalated | Attack Surface Scanner | WS-LAP-012 | n.clark | FR France | Marcus Webb | T1041 |
| ALR-00158 | 4d ago | Shadow IT Discovery | Medium | Resolved | Firewall | WS-PC-004 | j.smith | NG Nigeria | Marcus Webb | T1567 |
| ALR-00237 | 4d ago | DecoyPulse Honeypot Triggered | Medium | Open | EmilyAI Triage | WS-PC-001 | r.davies | FR France | Anika Patel | T1018 |
| ALR-00024 | 4d ago | Lateral Movement Detected | Medium | Resolved | Dark Web Monitor | SRV-DC-01 | j.smith | RU Russia | Sarah Chen | T1021.002 |
| ALR-00095 | 5d ago | Tor Exit Node Connection | Medium | Resolved | DLP Module | SRV-FILE-01 | n.clark | UA Ukraine | Marcus Webb | T1090.003 |
| ALR-00128 | 5d ago | Suspicious Scheduled Task | Medium | Resolved | Email Gateway | WS-PC-006 | f.hall | GB United Kingdom | Emma Richardson | T1053.005 |
| ALR-00319 | 5d ago | Unusual Outbound Traffic | Medium | Escalated | EmilyAI Triage | SRV-WEB-01 | c.williams | CN China | Sarah Chen | T1041 |
| ALR-00152 | 5d ago | Phishing Email Blocked | Medium | Open | Cloud Connector | SRV-FILE-01 | k.brown | UA Ukraine | Anika Patel | T1566.001 |
| ALR-00141 | 5d ago | Malware Signature Match | Medium | False Positive | Dark Web Monitor | WS-LAP-010 | e.evans | IN India | Sarah Chen | T1204.002 |
| ALR-00340 | 5d ago | DLP Policy Violation | Medium | Escalated | Attack Surface Scanner | WS-PC-001 | system | VN Vietnam | Marcus Webb | T1048 |
| ALR-00160 | 5d ago | Rogue DHCP Server | Medium | Open | Attack Surface Scanner | WS-MAC-005 | s.jones | GB United Kingdom | Anika Patel | T1557.003 |
| ALR-00259 | 5d ago | Failed MFA Challenge | Medium | Escalated | SOC365 Engine | WS-LAP-011 | l.johnson | FR France | Emma Richardson | T1621 |
| ALR-00097 | 5d ago | Tor Exit Node Connection | Medium | Investigating | Firewall | SRV-BACKUP-01 | d.walker | NG Nigeria | Marcus Webb | T1090.003 |
| ALR-00292 | 5d ago | Unauthorised USB Device | Medium | Escalated | Endpoint Agent | WS-MAC-005 | a.wilson | NG Nigeria | Marcus Webb | T1091 |
| ALR-00265 | 5d ago | Malware Signature Match | Medium | Investigating | Email Gateway | SRV-MAIL-01 | m.taylor | KP North Korea | Emma Richardson | T1204.002 |
| ALR-00085 | 5d ago | Brute Force SSH | Medium | Investigating | Endpoint Agent | FW-EDGE-01 | l.johnson | IN India | James Okonkwo | T1110.001 |
| ALR-00279 | 6d ago | Brute Force SSH | Medium | False Positive | Firewall | AP-WIFI-03 | l.johnson | NG Nigeria | James Okonkwo | T1110.001 |
| ALR-00137 | 6d ago | Suspicious Scheduled Task | Medium | Open | Endpoint Agent | WS-PC-004 | l.johnson | FR France | James Okonkwo | T1053.005 |
| ALR-00266 | 6d ago | Phishing Email Blocked | Medium | Resolved | Firewall | WS-LAP-010 | system | US United States | James Okonkwo | T1566.001 |
| ALR-00064 | 6d ago | Anomalous DNS Query | Medium | False Positive | DecoyPulse | SRV-SQL-01 | e.evans | GB United Kingdom | James Okonkwo | T1568.002 |
| ALR-00200 | 6d ago | C2 Beacon Activity | Medium | Open | Email Gateway | WS-LAP-012 | p.thomas | CN China | Sarah Chen | T1071.001 |
| ALR-00276 | 6d ago | C2 Beacon Activity | Medium | Investigating | DLP Module | WS-MAC-005 | e.evans | NL Netherlands | Sarah Chen | T1071.001 |
| ALR-00247 | 6d ago | Anomalous DNS Query | Medium | Resolved | Attack Surface Scanner | WS-PC-001 | p.thomas | DE Germany | James Okonkwo | T1568.002 |
| ALR-00256 | 6d ago | Unusual Outbound Traffic | Medium | Resolved | Firewall | WS-LAP-012 | j.smith | CN China | Anika Patel | T1041 |
| ALR-00289 | 6d ago | Ransomware Behaviour Detected | Medium | Open | EmilyAI Triage | WS-LAP-011 | l.johnson | KP North Korea | James Okonkwo | T1486 |
| ALR-00273 | 6d ago | C2 Beacon Activity | Medium | Investigating | Network IDS | SRV-APP-01 | s.jones | IR Iran | Sarah Chen | T1071.001 |
| ALR-00197 | 6d ago | DecoyPulse Honeypot Triggered | Medium | Escalated | Email Gateway | WS-LAP-012 | k.brown | NG Nigeria | Emma Richardson | T1018 |
| ALR-00234 | 6d ago | Suspicious PowerShell Execution | Medium | Investigating | Email Gateway | FW-EDGE-01 | system | FR France | James Okonkwo | T1059.001 |
| ALR-00187 | 6d ago | Malware Signature Match | Medium | Open | DecoyPulse | WS-PC-004 | p.thomas | NG Nigeria | James Okonkwo | T1204.002 |
| ALR-00044 | 6d ago | Certificate Anomaly | Medium | Resolved | Attack Surface Scanner | WS-PC-002 | c.williams | RO Romania | James Okonkwo | T1553.004 |
| ALR-00184 | 6d ago | Insider Threat Indicator | Medium | Escalated | Network IDS | AP-WIFI-03 | k.brown | BR Brazil | Emma Richardson | T1119 |