Medium Alerts
100 alerts
| ID | Timestamp | Alert Type | Severity | Status | Source | Hostname | User | Origin | Analyst | MITRE |
|---|---|---|---|---|---|---|---|---|---|---|
| ALR-00092 | 44m ago | Unusual Outbound Traffic | Medium | Escalated | DLP Module | WS-LAP-012 | system | UA Ukraine | Sarah Chen | T1041 |
| ALR-00108 | 1h ago | Failed MFA Challenge | Medium | Resolved | SOC365 Engine | WS-LAP-011 | a.wilson | DE Germany | Emma Richardson | T1621 |
| ALR-00192 | 2h ago | Phishing Email Blocked | Medium | Investigating | Endpoint Agent | WS-PC-006 | n.clark | NG Nigeria | Anika Patel | T1566.001 |
| ALR-00190 | 4h ago | C2 Beacon Activity | Medium | Escalated | Dark Web Monitor | WS-PC-004 | e.evans | BR Brazil | James Okonkwo | T1071.001 |
| ALR-00048 | 5h ago | Phishing Email Blocked | Medium | Resolved | Cloud Connector | WS-PC-002 | s.jones | IR Iran | Emma Richardson | T1566.001 |
| ALR-00112 | 6h ago | Pass-the-Hash Detected | Medium | Investigating | Network IDS | WS-LAP-012 | p.thomas | NL Netherlands | Sarah Chen | T1550.002 |
| ALR-00061 | 6h ago | Insider Threat Indicator | Medium | False Positive | SOC365 Engine | WS-PC-001 | k.brown | GB United Kingdom | James Okonkwo | T1119 |
| ALR-00228 | 10h ago | Malware Signature Match | Medium | Investigating | Dark Web Monitor | SRV-SQL-01 | d.walker | UA Ukraine | Sarah Chen | T1204.002 |
| ALR-00350 | 13h ago | Port Scan Detected | Medium | Resolved | Firewall | AP-WIFI-03 | system | UA Ukraine | Sarah Chen | T1046 |
| ALR-00177 | 15h ago | DLP Policy Violation | Medium | Investigating | EmilyAI Triage | WS-MAC-005 | r.davies | RU Russia | Marcus Webb | T1048 |
| ALR-00276 | 16h ago | Unauthorised USB Device | Medium | Open | DecoyPulse | WS-PC-003 | h.roberts | RO Romania | Anika Patel | T1091 |
| ALR-00175 | 18h ago | C2 Beacon Activity | Medium | False Positive | DLP Module | SW-CORE-01 | c.williams | GB United Kingdom | Marcus Webb | T1071.001 |
| ALR-00267 | 19h ago | Failed MFA Challenge | Medium | False Positive | Email Gateway | SRV-DC-01 | m.taylor | NG Nigeria | Marcus Webb | T1621 |
| ALR-00068 | 21h ago | Pass-the-Hash Detected | Medium | Open | DLP Module | SRV-DC-01 | j.smith | CN China | Marcus Webb | T1550.002 |
| ALR-00012 | 21h ago | Shadow IT Discovery | Medium | Investigating | Endpoint Agent | WS-PC-003 | m.taylor | NG Nigeria | Sarah Chen | T1567 |
| ALR-00204 | 22h ago | Data Exfiltration Attempt | Medium | Open | Email Gateway | VM-DEV-01 | c.williams | UA Ukraine | Sarah Chen | T1567.002 |
| ALR-00236 | 22h ago | Port Scan Detected | Medium | Resolved | Dark Web Monitor | WS-PC-001 | c.williams | BR Brazil | Marcus Webb | T1046 |
| ALR-00119 | 1d ago | Certificate Anomaly | Medium | Investigating | EmilyAI Triage | VM-DEV-01 | r.davies | RO Romania | Emma Richardson | T1553.004 |
| ALR-00319 | 1d ago | Credential Stuffing Attempt | Medium | Escalated | SOC365 Engine | WS-PC-004 | f.hall | CN China | James Okonkwo | T1110.004 |
| ALR-00121 | 1d ago | Malware Signature Match | Medium | Escalated | DecoyPulse | WS-MAC-005 | e.evans | UA Ukraine | Sarah Chen | T1204.002 |
| ALR-00128 | 1d ago | Lateral Movement Detected | Medium | False Positive | Attack Surface Scanner | SRV-BACKUP-01 | r.davies | UA Ukraine | Marcus Webb | T1021.002 |
| ALR-00358 | 1d ago | Port Scan Detected | Medium | Resolved | Cloud Connector | SRV-SQL-01 | k.brown | CN China | Marcus Webb | T1046 |
| ALR-00077 | 1d ago | Malware Signature Match | Medium | False Positive | DecoyPulse | SRV-FILE-01 | f.hall | IR Iran | Marcus Webb | T1204.002 |
| ALR-00257 | 1d ago | Shadow IT Discovery | Medium | False Positive | DLP Module | WS-PC-006 | system | KP North Korea | Sarah Chen | T1567 |
| ALR-00347 | 1d ago | DLP Policy Violation | Medium | Escalated | SOC365 Engine | WS-LAP-012 | p.thomas | DE Germany | Emma Richardson | T1048 |
| ALR-00093 | 1d ago | Failed MFA Challenge | Medium | Open | DLP Module | SRV-DC-01 | j.smith | VN Vietnam | Anika Patel | T1621 |
| ALR-00313 | 1d ago | Unauthorised USB Device | Medium | Open | DecoyPulse | WS-PC-006 | l.johnson | GB United Kingdom | Anika Patel | T1091 |
| ALR-00244 | 1d ago | Data Exfiltration Attempt | Medium | Investigating | Dark Web Monitor | AP-WIFI-03 | p.thomas | DE Germany | Marcus Webb | T1567.002 |
| ALR-00186 | 2d ago | Lateral Movement Detected | Medium | False Positive | SOC365 Engine | SRV-FILE-01 | k.brown | DE Germany | Anika Patel | T1021.002 |
| ALR-00245 | 2d ago | C2 Beacon Activity | Medium | False Positive | Cloud Connector | AP-WIFI-03 | system | BR Brazil | Anika Patel | T1071.001 |
| ALR-00050 | 2d ago | Suspicious PowerShell Execution | Medium | False Positive | Cloud Connector | SRV-BACKUP-01 | d.walker | CN China | Sarah Chen | T1059.001 |
| ALR-00053 | 2d ago | Data Exfiltration Attempt | Medium | Resolved | EmilyAI Triage | FW-EDGE-01 | k.brown | NL Netherlands | Anika Patel | T1567.002 |
| ALR-00029 | 2d ago | Port Scan Detected | Medium | False Positive | Network IDS | WS-PC-001 | k.brown | FR France | Sarah Chen | T1046 |
| ALR-00120 | 2d ago | Kerberoasting Attempt | Medium | Investigating | Attack Surface Scanner | SRV-BACKUP-01 | m.taylor | IR Iran | James Okonkwo | T1558.003 |
| ALR-00193 | 2d ago | Shadow IT Discovery | Medium | Resolved | Attack Surface Scanner | WS-PC-002 | s.jones | RO Romania | Emma Richardson | T1567 |
| ALR-00079 | 2d ago | C2 Beacon Activity | Medium | Open | DecoyPulse | SRV-FILE-01 | a.wilson | RU Russia | Anika Patel | T1071.001 |
| ALR-00277 | 2d ago | Brute Force SSH | Medium | Open | SOC365 Engine | WS-LAP-012 | d.walker | NG Nigeria | Sarah Chen | T1110.001 |
| ALR-00138 | 2d ago | Malware Signature Match | Medium | Escalated | DecoyPulse | WS-LAP-012 | s.jones | NL Netherlands | Anika Patel | T1204.002 |
| ALR-00183 | 2d ago | Phishing Email Blocked | Medium | False Positive | SOC365 Engine | WS-PC-006 | l.johnson | BR Brazil | James Okonkwo | T1566.001 |
| ALR-00168 | 3d ago | Tor Exit Node Connection | Medium | False Positive | Email Gateway | WS-PC-006 | a.wilson | VN Vietnam | Sarah Chen | T1090.003 |
| ALR-00345 | 3d ago | Suspicious PowerShell Execution | Medium | Escalated | SOC365 Engine | SRV-MAIL-01 | r.davies | DE Germany | James Okonkwo | T1059.001 |
| ALR-00010 | 3d ago | Unauthorised USB Device | Medium | Open | DecoyPulse | WS-LAP-012 | h.roberts | BR Brazil | Marcus Webb | T1091 |
| ALR-00042 | 3d ago | DecoyPulse Honeypot Triggered | Medium | Resolved | Email Gateway | FW-EDGE-01 | l.johnson | NG Nigeria | Marcus Webb | T1018 |
| ALR-00089 | 3d ago | Malware Signature Match | Medium | Escalated | Dark Web Monitor | SRV-MAIL-01 | h.roberts | UA Ukraine | James Okonkwo | T1204.002 |
| ALR-00003 | 3d ago | Insider Threat Indicator | Medium | Resolved | Firewall | VM-DEV-01 | a.wilson | US United States | Marcus Webb | T1119 |
| ALR-00110 | 3d ago | Pass-the-Hash Detected | Medium | Resolved | Email Gateway | VM-DEV-01 | p.thomas | KP North Korea | James Okonkwo | T1550.002 |
| ALR-00171 | 3d ago | C2 Beacon Activity | Medium | Investigating | SOC365 Engine | SRV-FILE-01 | system | DE Germany | Emma Richardson | T1071.001 |
| ALR-00208 | 3d ago | Privilege Escalation Attempt | Medium | Escalated | Email Gateway | SRV-WEB-01 | j.smith | DE Germany | Marcus Webb | T1134 |
| ALR-00173 | 3d ago | Suspicious PowerShell Execution | Medium | Investigating | EmilyAI Triage | WS-MAC-005 | h.roberts | UA Ukraine | Emma Richardson | T1059.001 |
| ALR-00216 | 4d ago | C2 Beacon Activity | Medium | Resolved | Attack Surface Scanner | WS-LAP-011 | p.thomas | KP North Korea | Sarah Chen | T1071.001 |
| ALR-00205 | 4d ago | Unusual Outbound Traffic | Medium | Escalated | SOC365 Engine | AP-WIFI-03 | c.williams | IR Iran | Sarah Chen | T1041 |
| ALR-00030 | 4d ago | Port Scan Detected | Medium | Investigating | Email Gateway | SW-CORE-01 | k.brown | RO Romania | Emma Richardson | T1046 |
| ALR-00039 | 4d ago | Lateral Movement Detected | Medium | Open | Attack Surface Scanner | SRV-DC-01 | system | UA Ukraine | James Okonkwo | T1021.002 |
| ALR-00047 | 4d ago | C2 Beacon Activity | Medium | Escalated | Dark Web Monitor | WS-PC-003 | k.brown | KP North Korea | Emma Richardson | T1071.001 |
| ALR-00268 | 4d ago | Phishing Email Blocked | Medium | Investigating | DecoyPulse | WS-PC-003 | d.walker | IN India | Emma Richardson | T1566.001 |
| ALR-00028 | 4d ago | Brute Force SSH | Medium | Escalated | Email Gateway | FW-EDGE-01 | r.davies | NL Netherlands | Sarah Chen | T1110.001 |
| ALR-00351 | 4d ago | Privilege Escalation Attempt | Medium | Investigating | Dark Web Monitor | VM-DEV-01 | system | VN Vietnam | Emma Richardson | T1134 |
| ALR-00139 | 4d ago | Insider Threat Indicator | Medium | Investigating | EmilyAI Triage | WS-MAC-005 | h.roberts | VN Vietnam | Sarah Chen | T1119 |
| ALR-00198 | 4d ago | Malware Signature Match | Medium | Investigating | Firewall | WS-PC-001 | m.taylor | US United States | James Okonkwo | T1204.002 |
| ALR-00248 | 4d ago | Suspicious PowerShell Execution | Medium | False Positive | Endpoint Agent | WS-PC-004 | l.johnson | GB United Kingdom | Marcus Webb | T1059.001 |
| ALR-00263 | 4d ago | Tor Exit Node Connection | Medium | Investigating | Firewall | WS-MAC-005 | p.thomas | NG Nigeria | Sarah Chen | T1090.003 |
| ALR-00020 | 4d ago | Rogue DHCP Server | Medium | Open | DLP Module | SRV-FILE-01 | p.thomas | IR Iran | Marcus Webb | T1557.003 |
| ALR-00298 | 4d ago | Tor Exit Node Connection | Medium | Escalated | EmilyAI Triage | WS-PC-003 | f.hall | GB United Kingdom | Sarah Chen | T1090.003 |
| ALR-00017 | 4d ago | Brute Force SSH | Medium | False Positive | DecoyPulse | VM-DEV-01 | k.brown | BR Brazil | James Okonkwo | T1110.001 |
| ALR-00071 | 4d ago | Credential Stuffing Attempt | Medium | Escalated | Dark Web Monitor | SRV-FILE-01 | n.clark | NG Nigeria | Sarah Chen | T1110.004 |
| ALR-00040 | 4d ago | Data Exfiltration Attempt | Medium | Resolved | DecoyPulse | SRV-APP-01 | l.johnson | RO Romania | Anika Patel | T1567.002 |
| ALR-00080 | 4d ago | Unauthorised USB Device | Medium | Escalated | Firewall | SRV-MAIL-01 | k.brown | NG Nigeria | Marcus Webb | T1091 |
| ALR-00179 | 4d ago | Ransomware Behaviour Detected | Medium | Resolved | Email Gateway | VM-DEV-01 | a.wilson | NL Netherlands | Anika Patel | T1486 |
| ALR-00284 | 4d ago | Lateral Movement Detected | Medium | Investigating | EmilyAI Triage | AP-WIFI-03 | p.thomas | CN China | Emma Richardson | T1021.002 |
| ALR-00317 | 4d ago | Suspicious Scheduled Task | Medium | Investigating | Dark Web Monitor | AP-WIFI-03 | j.smith | US United States | Sarah Chen | T1053.005 |
| ALR-00084 | 5d ago | Phishing Email Blocked | Medium | Investigating | SOC365 Engine | WS-PC-001 | h.roberts | NL Netherlands | Sarah Chen | T1566.001 |
| ALR-00158 | 5d ago | Rogue DHCP Server | Medium | Escalated | Network IDS | WS-MAC-005 | s.jones | KP North Korea | James Okonkwo | T1557.003 |
| ALR-00085 | 5d ago | Ransomware Behaviour Detected | Medium | Open | Cloud Connector | SRV-SQL-01 | d.walker | IN India | Sarah Chen | T1486 |
| ALR-00041 | 5d ago | Insider Threat Indicator | Medium | Escalated | SOC365 Engine | AP-WIFI-03 | j.smith | UA Ukraine | James Okonkwo | T1119 |
| ALR-00259 | 5d ago | Unauthorised USB Device | Medium | Investigating | Email Gateway | FW-EDGE-01 | f.hall | DE Germany | Anika Patel | T1091 |
| ALR-00233 | 5d ago | Ransomware Behaviour Detected | Medium | False Positive | Attack Surface Scanner | SRV-DC-01 | e.evans | US United States | Marcus Webb | T1486 |
| ALR-00207 | 5d ago | Unusual Outbound Traffic | Medium | False Positive | DecoyPulse | FW-EDGE-01 | d.walker | KP North Korea | Sarah Chen | T1041 |
| ALR-00222 | 5d ago | C2 Beacon Activity | Medium | Escalated | Email Gateway | SW-CORE-01 | system | UA Ukraine | Emma Richardson | T1071.001 |
| ALR-00287 | 5d ago | DLP Policy Violation | Medium | Open | Dark Web Monitor | WS-MAC-005 | system | UA Ukraine | Anika Patel | T1048 |
| ALR-00148 | 5d ago | Shadow IT Discovery | Medium | False Positive | Endpoint Agent | WS-LAP-012 | e.evans | CN China | James Okonkwo | T1567 |
| ALR-00334 | 5d ago | Suspicious Scheduled Task | Medium | Escalated | Firewall | WS-MAC-005 | p.thomas | IN India | Marcus Webb | T1053.005 |
| ALR-00337 | 5d ago | Malware Signature Match | Medium | False Positive | Network IDS | WS-LAP-011 | system | CN China | Marcus Webb | T1204.002 |
| ALR-00332 | 5d ago | Suspicious Scheduled Task | Medium | False Positive | Firewall | SRV-BACKUP-01 | e.evans | GB United Kingdom | James Okonkwo | T1053.005 |
| ALR-00330 | 5d ago | Ransomware Behaviour Detected | Medium | Investigating | Network IDS | WS-LAP-012 | e.evans | RU Russia | James Okonkwo | T1486 |
| ALR-00082 | 6d ago | Unauthorised USB Device | Medium | Resolved | Firewall | WS-MAC-005 | j.smith | BR Brazil | James Okonkwo | T1091 |
| ALR-00283 | 6d ago | Pass-the-Hash Detected | Medium | False Positive | Network IDS | WS-LAP-011 | e.evans | IR Iran | Anika Patel | T1550.002 |
| ALR-00304 | 6d ago | Pass-the-Hash Detected | Medium | Resolved | SOC365 Engine | WS-PC-001 | c.williams | DE Germany | Anika Patel | T1550.002 |
| ALR-00246 | 6d ago | Unauthorised USB Device | Medium | Resolved | Dark Web Monitor | SRV-BACKUP-01 | n.clark | UA Ukraine | Marcus Webb | T1091 |
| ALR-00045 | 6d ago | Suspicious PowerShell Execution | Medium | Open | Attack Surface Scanner | SRV-MAIL-01 | k.brown | KP North Korea | Emma Richardson | T1059.001 |
| ALR-00123 | 6d ago | Privilege Escalation Attempt | Medium | Open | EmilyAI Triage | WS-PC-001 | a.wilson | US United States | Anika Patel | T1134 |
| ALR-00231 | 6d ago | DLP Policy Violation | Medium | Resolved | Cloud Connector | WS-LAP-012 | h.roberts | UA Ukraine | Marcus Webb | T1048 |
| ALR-00122 | 6d ago | Suspicious PowerShell Execution | Medium | False Positive | Dark Web Monitor | SW-CORE-01 | d.walker | RO Romania | James Okonkwo | T1059.001 |
| ALR-00340 | 6d ago | C2 Beacon Activity | Medium | Investigating | Attack Surface Scanner | WS-PC-004 | h.roberts | GB United Kingdom | Emma Richardson | T1071.001 |
| ALR-00271 | 6d ago | Pass-the-Hash Detected | Medium | Resolved | EmilyAI Triage | SRV-FILE-01 | h.roberts | RU Russia | Anika Patel | T1550.002 |
| ALR-00333 | 6d ago | Phishing Email Blocked | Medium | Resolved | Endpoint Agent | WS-PC-004 | h.roberts | BR Brazil | Anika Patel | T1566.001 |
| ALR-00188 | 6d ago | Data Exfiltration Attempt | Medium | Open | Endpoint Agent | WS-LAP-010 | p.thomas | CN China | James Okonkwo | T1567.002 |
| ALR-00049 | 6d ago | Unusual Outbound Traffic | Medium | Investigating | DecoyPulse | VM-DEV-01 | j.smith | IR Iran | Anika Patel | T1041 |
| ALR-00278 | 6d ago | Tor Exit Node Connection | Medium | Open | Network IDS | WS-PC-002 | h.roberts | IN India | Emma Richardson | T1090.003 |
| ALR-00221 | 6d ago | Shadow IT Discovery | Medium | Investigating | Network IDS | SRV-MAIL-01 | system | VN Vietnam | Sarah Chen | T1567 |
| ALR-00354 | 6d ago | Credential Stuffing Attempt | Medium | Escalated | SOC365 Engine | SRV-SQL-01 | f.hall | DE Germany | James Okonkwo | T1110.004 |