Medium Alerts
100 alerts
| ID | Timestamp | Alert Type | Severity | Status | Source | Hostname | User | Origin | Analyst | MITRE |
|---|---|---|---|---|---|---|---|---|---|---|
| ALR-00228 | 34m ago | Insider Threat Indicator | Medium | Open | Attack Surface Scanner | FW-EDGE-01 | n.clark | IR Iran | Anika Patel | T1119 |
| ALR-00155 | 3h ago | Unauthorised USB Device | Medium | Resolved | Attack Surface Scanner | WS-PC-004 | f.hall | NG Nigeria | Anika Patel | T1091 |
| ALR-00308 | 5h ago | Suspicious PowerShell Execution | Medium | False Positive | Endpoint Agent | WS-PC-001 | m.taylor | US United States | Anika Patel | T1059.001 |
| ALR-00217 | 6h ago | Brute Force SSH | Medium | Open | DLP Module | WS-PC-001 | r.davies | UA Ukraine | James Okonkwo | T1110.001 |
| ALR-00168 | 6h ago | Shadow IT Discovery | Medium | Investigating | SOC365 Engine | SRV-FILE-01 | f.hall | FR France | James Okonkwo | T1567 |
| ALR-00234 | 7h ago | Tor Exit Node Connection | Medium | False Positive | Network IDS | AP-WIFI-03 | a.wilson | KP North Korea | Emma Richardson | T1090.003 |
| ALR-00133 | 8h ago | Failed MFA Challenge | Medium | Escalated | Endpoint Agent | WS-MAC-005 | p.thomas | BR Brazil | Anika Patel | T1621 |
| ALR-00122 | 8h ago | Anomalous DNS Query | Medium | False Positive | Firewall | WS-MAC-005 | l.johnson | NL Netherlands | James Okonkwo | T1568.002 |
| ALR-00238 | 9h ago | Suspicious PowerShell Execution | Medium | False Positive | EmilyAI Triage | SRV-FILE-01 | a.wilson | IR Iran | James Okonkwo | T1059.001 |
| ALR-00330 | 12h ago | Port Scan Detected | Medium | False Positive | DecoyPulse | SRV-WEB-01 | a.wilson | NL Netherlands | Sarah Chen | T1046 |
| ALR-00022 | 15h ago | Rogue DHCP Server | Medium | Resolved | Dark Web Monitor | WS-PC-004 | e.evans | BR Brazil | Anika Patel | T1557.003 |
| ALR-00305 | 17h ago | Insider Threat Indicator | Medium | False Positive | Dark Web Monitor | SRV-BACKUP-01 | a.wilson | DE Germany | Marcus Webb | T1119 |
| ALR-00073 | 18h ago | Phishing Email Blocked | Medium | Escalated | Cloud Connector | WS-LAP-012 | n.clark | RO Romania | James Okonkwo | T1566.001 |
| ALR-00185 | 19h ago | Ransomware Behaviour Detected | Medium | Investigating | EmilyAI Triage | SW-CORE-01 | h.roberts | GB United Kingdom | Marcus Webb | T1486 |
| ALR-00029 | 20h ago | Suspicious PowerShell Execution | Medium | False Positive | Dark Web Monitor | WS-PC-006 | d.walker | BR Brazil | Sarah Chen | T1059.001 |
| ALR-00053 | 1d ago | Failed MFA Challenge | Medium | Resolved | Dark Web Monitor | SRV-FILE-01 | m.taylor | RO Romania | Sarah Chen | T1621 |
| ALR-00079 | 1d ago | Suspicious PowerShell Execution | Medium | Investigating | Network IDS | SRV-SQL-01 | k.brown | FR France | Sarah Chen | T1059.001 |
| ALR-00076 | 1d ago | Ransomware Behaviour Detected | Medium | Escalated | Endpoint Agent | WS-PC-001 | h.roberts | KP North Korea | James Okonkwo | T1486 |
| ALR-00085 | 1d ago | Anomalous DNS Query | Medium | Resolved | DLP Module | FW-EDGE-01 | e.evans | KP North Korea | Sarah Chen | T1568.002 |
| ALR-00338 | 1d ago | DecoyPulse Honeypot Triggered | Medium | False Positive | DecoyPulse | SRV-FILE-01 | m.taylor | RU Russia | Marcus Webb | T1018 |
| ALR-00136 | 1d ago | Certificate Anomaly | Medium | Resolved | Dark Web Monitor | WS-PC-002 | j.smith | FR France | Sarah Chen | T1553.004 |
| ALR-00114 | 1d ago | Kerberoasting Attempt | Medium | Open | SOC365 Engine | VM-DEV-01 | f.hall | UA Ukraine | Marcus Webb | T1558.003 |
| ALR-00345 | 1d ago | Kerberoasting Attempt | Medium | Open | Email Gateway | FW-EDGE-01 | system | US United States | Marcus Webb | T1558.003 |
| ALR-00201 | 1d ago | Lateral Movement Detected | Medium | Open | Email Gateway | WS-PC-003 | a.wilson | NG Nigeria | Sarah Chen | T1021.002 |
| ALR-00250 | 1d ago | Ransomware Behaviour Detected | Medium | False Positive | Network IDS | AP-WIFI-03 | system | IN India | Anika Patel | T1486 |
| ALR-00187 | 1d ago | Pass-the-Hash Detected | Medium | Investigating | EmilyAI Triage | WS-PC-006 | c.williams | KP North Korea | Marcus Webb | T1550.002 |
| ALR-00004 | 2d ago | C2 Beacon Activity | Medium | Investigating | DecoyPulse | SRV-SQL-01 | c.williams | FR France | Sarah Chen | T1071.001 |
| ALR-00258 | 2d ago | Brute Force SSH | Medium | Escalated | Firewall | WS-LAP-011 | s.jones | NL Netherlands | Marcus Webb | T1110.001 |
| ALR-00280 | 2d ago | Port Scan Detected | Medium | False Positive | Endpoint Agent | VM-DEV-01 | p.thomas | UA Ukraine | James Okonkwo | T1046 |
| ALR-00334 | 2d ago | Suspicious PowerShell Execution | Medium | Escalated | Attack Surface Scanner | SRV-APP-01 | e.evans | RO Romania | James Okonkwo | T1059.001 |
| ALR-00306 | 2d ago | Tor Exit Node Connection | Medium | Escalated | Email Gateway | SRV-DC-01 | r.davies | NL Netherlands | Marcus Webb | T1090.003 |
| ALR-00202 | 2d ago | Brute Force SSH | Medium | False Positive | Endpoint Agent | WS-LAP-010 | h.roberts | KP North Korea | Anika Patel | T1110.001 |
| ALR-00291 | 2d ago | Privilege Escalation Attempt | Medium | Open | SOC365 Engine | SRV-SQL-01 | system | KP North Korea | Emma Richardson | T1134 |
| ALR-00145 | 2d ago | Malware Signature Match | Medium | Investigating | Network IDS | WS-PC-002 | j.smith | RO Romania | James Okonkwo | T1204.002 |
| ALR-00066 | 2d ago | Unusual Outbound Traffic | Medium | False Positive | Dark Web Monitor | WS-PC-001 | e.evans | GB United Kingdom | Marcus Webb | T1041 |
| ALR-00182 | 2d ago | Tor Exit Node Connection | Medium | False Positive | Attack Surface Scanner | VM-DEV-01 | k.brown | RU Russia | Marcus Webb | T1090.003 |
| ALR-00034 | 2d ago | Suspicious PowerShell Execution | Medium | Resolved | DecoyPulse | WS-LAP-011 | c.williams | FR France | Sarah Chen | T1059.001 |
| ALR-00287 | 2d ago | Pass-the-Hash Detected | Medium | False Positive | Network IDS | WS-LAP-011 | e.evans | RO Romania | Anika Patel | T1550.002 |
| ALR-00218 | 2d ago | Unauthorised USB Device | Medium | Open | Email Gateway | FW-EDGE-01 | e.evans | FR France | Marcus Webb | T1091 |
| ALR-00024 | 2d ago | DLP Policy Violation | Medium | Resolved | EmilyAI Triage | VM-DEV-01 | d.walker | IR Iran | James Okonkwo | T1048 |
| ALR-00121 | 2d ago | DecoyPulse Honeypot Triggered | Medium | Open | Cloud Connector | WS-LAP-012 | c.williams | KP North Korea | Marcus Webb | T1018 |
| ALR-00284 | 2d ago | Privilege Escalation Attempt | Medium | False Positive | DLP Module | SW-CORE-01 | r.davies | NL Netherlands | Emma Richardson | T1134 |
| ALR-00156 | 2d ago | C2 Beacon Activity | Medium | Resolved | DLP Module | WS-LAP-012 | c.williams | NL Netherlands | Sarah Chen | T1071.001 |
| ALR-00072 | 2d ago | Pass-the-Hash Detected | Medium | Open | DecoyPulse | SW-CORE-01 | l.johnson | RO Romania | Anika Patel | T1550.002 |
| ALR-00181 | 3d ago | DLP Policy Violation | Medium | False Positive | DecoyPulse | SRV-DC-01 | c.williams | BR Brazil | Emma Richardson | T1048 |
| ALR-00256 | 3d ago | Rogue DHCP Server | Medium | Escalated | Attack Surface Scanner | SRV-FILE-01 | h.roberts | FR France | Marcus Webb | T1557.003 |
| ALR-00247 | 3d ago | Anomalous DNS Query | Medium | Investigating | Dark Web Monitor | WS-LAP-012 | h.roberts | CN China | James Okonkwo | T1568.002 |
| ALR-00225 | 3d ago | Failed MFA Challenge | Medium | Escalated | SOC365 Engine | WS-PC-003 | k.brown | CN China | Anika Patel | T1621 |
| ALR-00191 | 3d ago | Ransomware Behaviour Detected | Medium | Investigating | Firewall | WS-PC-002 | s.jones | UA Ukraine | Anika Patel | T1486 |
| ALR-00290 | 3d ago | DecoyPulse Honeypot Triggered | Medium | Escalated | DLP Module | WS-PC-001 | m.taylor | BR Brazil | James Okonkwo | T1018 |
| ALR-00062 | 3d ago | Phishing Email Blocked | Medium | Investigating | Dark Web Monitor | VM-DEV-01 | h.roberts | NL Netherlands | Sarah Chen | T1566.001 |
| ALR-00227 | 3d ago | Suspicious PowerShell Execution | Medium | Open | Firewall | SRV-SQL-01 | c.williams | KP North Korea | Anika Patel | T1059.001 |
| ALR-00210 | 3d ago | Ransomware Behaviour Detected | Medium | False Positive | SOC365 Engine | SRV-DC-01 | f.hall | VN Vietnam | Marcus Webb | T1486 |
| ALR-00119 | 3d ago | Failed MFA Challenge | Medium | Investigating | Email Gateway | WS-MAC-005 | system | BR Brazil | Anika Patel | T1621 |
| ALR-00249 | 3d ago | Data Exfiltration Attempt | Medium | Open | Cloud Connector | WS-PC-001 | c.williams | NL Netherlands | Marcus Webb | T1567.002 |
| ALR-00005 | 3d ago | Privilege Escalation Attempt | Medium | Investigating | SOC365 Engine | SRV-DC-01 | n.clark | IN India | Sarah Chen | T1134 |
| ALR-00273 | 3d ago | DLP Policy Violation | Medium | False Positive | Firewall | WS-MAC-005 | h.roberts | RO Romania | Anika Patel | T1048 |
| ALR-00064 | 3d ago | Pass-the-Hash Detected | Medium | False Positive | DecoyPulse | VM-DEV-01 | system | US United States | Marcus Webb | T1550.002 |
| ALR-00302 | 3d ago | Phishing Email Blocked | Medium | Resolved | Email Gateway | WS-MAC-005 | a.wilson | GB United Kingdom | James Okonkwo | T1566.001 |
| ALR-00083 | 4d ago | Insider Threat Indicator | Medium | False Positive | DLP Module | WS-PC-003 | c.williams | RO Romania | Marcus Webb | T1119 |
| ALR-00146 | 4d ago | Data Exfiltration Attempt | Medium | Resolved | Firewall | FW-EDGE-01 | e.evans | RO Romania | Anika Patel | T1567.002 |
| ALR-00336 | 4d ago | Certificate Anomaly | Medium | Open | Network IDS | SRV-APP-01 | h.roberts | FR France | James Okonkwo | T1553.004 |
| ALR-00333 | 4d ago | Shadow IT Discovery | Medium | Investigating | DecoyPulse | FW-EDGE-01 | e.evans | US United States | James Okonkwo | T1567 |
| ALR-00211 | 4d ago | Shadow IT Discovery | Medium | Resolved | DecoyPulse | FW-EDGE-01 | n.clark | US United States | Sarah Chen | T1567 |
| ALR-00104 | 4d ago | Ransomware Behaviour Detected | Medium | False Positive | Endpoint Agent | WS-PC-001 | e.evans | RU Russia | Sarah Chen | T1486 |
| ALR-00176 | 4d ago | Port Scan Detected | Medium | Resolved | EmilyAI Triage | SRV-WEB-01 | c.williams | NG Nigeria | James Okonkwo | T1046 |
| ALR-00127 | 4d ago | Brute Force SSH | Medium | Investigating | Attack Surface Scanner | VM-DEV-01 | h.roberts | RO Romania | Marcus Webb | T1110.001 |
| ALR-00056 | 4d ago | Rogue DHCP Server | Medium | Escalated | Endpoint Agent | WS-MAC-005 | h.roberts | NG Nigeria | Emma Richardson | T1557.003 |
| ALR-00219 | 4d ago | Port Scan Detected | Medium | Open | EmilyAI Triage | WS-LAP-011 | s.jones | IR Iran | Sarah Chen | T1046 |
| ALR-00011 | 4d ago | Brute Force SSH | Medium | Escalated | DecoyPulse | FW-EDGE-01 | h.roberts | NL Netherlands | Marcus Webb | T1110.001 |
| ALR-00084 | 4d ago | Insider Threat Indicator | Medium | Investigating | DecoyPulse | SW-CORE-01 | system | FR France | Emma Richardson | T1119 |
| ALR-00009 | 4d ago | DLP Policy Violation | Medium | False Positive | EmilyAI Triage | WS-PC-002 | s.jones | CN China | Marcus Webb | T1048 |
| ALR-00349 | 5d ago | Suspicious PowerShell Execution | Medium | Escalated | Endpoint Agent | WS-LAP-011 | l.johnson | US United States | Anika Patel | T1059.001 |
| ALR-00337 | 5d ago | Data Exfiltration Attempt | Medium | Resolved | EmilyAI Triage | AP-WIFI-03 | k.brown | CN China | Marcus Webb | T1567.002 |
| ALR-00321 | 5d ago | Kerberoasting Attempt | Medium | Escalated | EmilyAI Triage | SRV-APP-01 | f.hall | GB United Kingdom | Anika Patel | T1558.003 |
| ALR-00008 | 5d ago | Ransomware Behaviour Detected | Medium | Open | Network IDS | SW-CORE-01 | l.johnson | VN Vietnam | Marcus Webb | T1486 |
| ALR-00030 | 5d ago | Lateral Movement Detected | Medium | Resolved | Firewall | SRV-FILE-01 | k.brown | NG Nigeria | Sarah Chen | T1021.002 |
| ALR-00324 | 5d ago | Failed MFA Challenge | Medium | Investigating | Dark Web Monitor | WS-PC-004 | l.johnson | GB United Kingdom | Marcus Webb | T1621 |
| ALR-00094 | 5d ago | Anomalous DNS Query | Medium | Escalated | Email Gateway | WS-LAP-010 | n.clark | GB United Kingdom | Sarah Chen | T1568.002 |
| ALR-00266 | 5d ago | Brute Force SSH | Medium | Escalated | Email Gateway | SRV-APP-01 | l.johnson | US United States | James Okonkwo | T1110.001 |
| ALR-00261 | 5d ago | Malware Signature Match | Medium | False Positive | DecoyPulse | WS-LAP-010 | k.brown | RU Russia | Anika Patel | T1204.002 |
| ALR-00097 | 5d ago | Failed MFA Challenge | Medium | False Positive | Network IDS | WS-PC-001 | l.johnson | RU Russia | James Okonkwo | T1621 |
| ALR-00139 | 5d ago | Brute Force SSH | Medium | False Positive | Email Gateway | WS-PC-001 | a.wilson | IN India | James Okonkwo | T1110.001 |
| ALR-00270 | 5d ago | Ransomware Behaviour Detected | Medium | Escalated | DLP Module | SRV-DC-01 | n.clark | KP North Korea | Marcus Webb | T1486 |
| ALR-00147 | 5d ago | Unauthorised USB Device | Medium | Resolved | Endpoint Agent | WS-PC-004 | n.clark | CN China | Marcus Webb | T1091 |
| ALR-00003 | 5d ago | Suspicious PowerShell Execution | Medium | Resolved | Endpoint Agent | WS-PC-004 | r.davies | GB United Kingdom | Marcus Webb | T1059.001 |
| ALR-00158 | 5d ago | Rogue DHCP Server | Medium | False Positive | EmilyAI Triage | SRV-APP-01 | s.jones | DE Germany | Sarah Chen | T1557.003 |
| ALR-00033 | 6d ago | Port Scan Detected | Medium | Escalated | DecoyPulse | SRV-MAIL-01 | n.clark | IR Iran | Emma Richardson | T1046 |
| ALR-00002 | 6d ago | Port Scan Detected | Medium | Open | Dark Web Monitor | WS-LAP-012 | system | RU Russia | James Okonkwo | T1046 |
| ALR-00137 | 6d ago | Shadow IT Discovery | Medium | Investigating | Attack Surface Scanner | SRV-DC-01 | system | UA Ukraine | Marcus Webb | T1567 |
| ALR-00118 | 6d ago | Certificate Anomaly | Medium | False Positive | Cloud Connector | VM-DEV-01 | f.hall | IR Iran | Marcus Webb | T1553.004 |
| ALR-00067 | 6d ago | Unusual Outbound Traffic | Medium | Investigating | Dark Web Monitor | SRV-FILE-01 | f.hall | KP North Korea | Emma Richardson | T1041 |
| ALR-00038 | 6d ago | Unusual Outbound Traffic | Medium | Resolved | Dark Web Monitor | FW-EDGE-01 | k.brown | KP North Korea | Emma Richardson | T1041 |
| ALR-00248 | 6d ago | C2 Beacon Activity | Medium | Escalated | Cloud Connector | WS-PC-002 | m.taylor | FR France | Marcus Webb | T1071.001 |
| ALR-00117 | 6d ago | Unusual Outbound Traffic | Medium | Escalated | Network IDS | SRV-DC-01 | r.davies | GB United Kingdom | Emma Richardson | T1041 |
| ALR-00028 | 6d ago | Ransomware Behaviour Detected | Medium | Resolved | Firewall | SRV-DC-01 | r.davies | BR Brazil | Marcus Webb | T1486 |
| ALR-00131 | 6d ago | Pass-the-Hash Detected | Medium | Escalated | Cloud Connector | WS-LAP-010 | system | RU Russia | Marcus Webb | T1550.002 |
| ALR-00299 | 6d ago | Ransomware Behaviour Detected | Medium | Escalated | DLP Module | SRV-WEB-01 | system | RO Romania | Emma Richardson | T1486 |
| ALR-00025 | 6d ago | Anomalous DNS Query | Medium | Open | Network IDS | WS-PC-004 | e.evans | RU Russia | James Okonkwo | T1568.002 |
| ALR-00220 | 6d ago | C2 Beacon Activity | Medium | Resolved | Firewall | SW-CORE-01 | r.davies | VN Vietnam | Emma Richardson | T1071.001 |