Alerts

Real-time threat & alert feed · auto-refresh 30s

Last refresh: 05:44:17 AM

Critical

3

High

4

Auto-Remediated

7

Open

4

12 alerts

CriticalRansomware Attempt

Encrypted file staging detected on endpoint ACME-WS-04. Lateral movement blocked.

src: 185.220.101.47client: ACME Corpdetected: 5m ago

Human Review

HighBrute Force SSH

847 failed SSH login attempts from single source in 4 minutes. Source IP blocked.

src: 91.108.56.203client: TechCo LLCdetected: 12m agoresolved in: 3s

Remediated

CriticalData Exfiltration

Anomalous outbound transfer of 4.2GB to unknown external endpoint. Session terminated.

src: 203.0.113.99client: LawFirm Partnersdetected: 8m ago

Human Review

HighDDoS — UDP Flood

UDP flood targeting public IP. 2.4 Gbps traffic scrubbed upstream.

src: 198.51.100.14client: MFG Solutionsdetected: 25m agoresolved in: 7s

Remediated

MediumPhishing Domain Match

User navigated to lookalike domain "acme-corp.support". DNS sinkholed.

client: Retail Plusdetected: 32m agoresolved in: 1s

Remediated

HighPrivilege Escalation

Internal account attempted domain admin escalation via CVE-2023-21554. Blocked.

src: 10.0.1.44client: TechCo LLCdetected: 42m ago

Investigating

LowPort Scan

Sequential port scan of 65535 ports. Source logged and rate-limited.

src: 45.33.32.156client: ACME Corpdetected: 58m agoresolved in: 2s

Remediated

CriticalMalware C2 Beacon

Beacon pattern to known C2 infrastructure. Host quarantined, traffic blocked.

src: 185.234.219.77client: HealthNetdetected: 1h agoresolved in: 420s

Resolved

MediumSQL Injection Attempt

Blind SQL injection probes on web application. WAF rule activated, 203 requests blocked.

src: 192.168.1.205client: MFG Solutionsdetected: 1h agoresolved in: 0s

Remediated

LowCertificate Anomaly

Self-signed certificate detected on internal service. Certificate replaced automatically.

client: LawFirm Partnersdetected: 2h agoresolved in: 5s

Remediated

HighInsider Threat Signal

Bulk download of PII records outside business hours by privileged account. Under review.

src: 10.5.0.88client: HealthNetdetected: 2h ago

Human Review

MediumDNS Tunneling

Encoded payloads detected in DNS TXT records. Outbound DNS restricted.

src: 10.1.2.33client: TechCo LLCdetected: 2h agoresolved in: 4s

Remediated