專案

一般

配置概況

LiaoJoy 的活動

起 2023-09-19 迄 2023-09-28

2023-09-28

13:42 02_資安事件及異常紀錄 非法入侵 #279: veolia - Incident - SSH service exposed - 60.248.4.74:22(ULPU)
INCIDENT - CLOSING

  low  
Name:

SSH service exposed - 60.248.4.74:22
Service:

  CTI   
Created at:
... LiaoJoy
13:29 02_資安事件及異常紀錄 非法入侵 #279 (Closed-關閉): veolia - Incident - SSH service exposed - 60.248.4.74:22(ULPU)
INCIDENT - CLOSING  low  
Name:
SSH service exposed - 60.248.4.74:22
Service:  CTI   
Created at:
2023-07-19 1... LiaoJoy
13:39 02_資安事件及異常紀錄 非法入侵 #284 (Closed-關閉): veolia - Incident - Authentication portal exposed - https://60.248.4.77:900/ - CLOSING(ULPU)

INCIDENT - CLOSING

  low  
Name:

Authentication portal exposed - https://60.248.4.77:900/
Service:

  ... LiaoJoy
13:35 02_資安事件及異常紀錄 非法入侵 #283 (Closed-關閉): veolia - Incident - Exposed authentication portal: Fortinet - https://202.39.219.151:10443/ - CLOSING(XinDian)

INCIDENT - CLOSING

  medium  
Name:

Exposed authentication portal: Fortinet - https://202.39.219.151:10443... LiaoJoy
13:33 02_資安事件及異常紀錄 非法入侵 #282 (Closed-關閉): veolia - Incident - Fortinet authentication portal exposed - https://118.163.66.37:10443/remote/login?lang=en - CLOSING(WC)
INCIDENT - CLOSING
  low  
Name:
Fortinet authentication portal exposed - https://118.163.66.37:10443/remote/log... LiaoJoy
13:32 02_資安事件及異常紀錄 非法入侵 #281 (Closed-關閉): veolia - Incident - SSH service exposed - 60.248.4.77:2222 - CLOSING(ULPU)
INCIDENT - CLOSING
  low  
Name:
SSH service exposed - 60.248.4.77:2222
Service:
  CTI   
Created at:
2023... LiaoJoy
13:31 02_資安事件及異常紀錄 非法入侵 #280 (Closed-關閉): veolia - Incident - Exposed authentication portal - https://118.163.66.42/auth.html - CLOSING(WC)
INCIDENT - CLOSING
  medium  
Name:
Exposed authentication portal - https://118.163.66.42/auth.html
Service:
... LiaoJoy

2023-09-25

11:57 02_資安事件及異常紀錄 非法入侵 #214: taholt-mt08(produkey.exe)
Path
e:\20200225\desktop\produkey\x86\produkey.exe LiaoJoy
11:54 02_資安事件及異常紀錄 非法入侵 #214 (Closed-關閉): taholt-mt08(produkey.exe)
Path
e:\20200225\desktop\produkey\x86\produkey.exe LiaoJoy
11:55 02_資安事件及異常紀錄 非法入侵 #215 (Closed-關閉): taholt-mt08(produkey.exe)
Path
e:\c槽資料夾\users\維修公用1\desktop\produkey\x86\produkey.exe LiaoJoy

2023-09-23

13:52 02_資安事件及異常紀錄 非法入侵 #208 (Closed-關閉): ulpu-ds-pc-0002( produkey.exe)
Description
Known malware was detected
Detection name
Gen:Variant.Application.NirSoft.249982
Path
d:\produkey.exe LiaoJoy
13:52 02_資安事件及異常紀錄 非法入侵 #207 (Closed-關閉): pc17(未確認 121125.crdownload)
Description
Known malware was detected
Detection name
Trojan.GenericKD.30700238
Path
c:\users\user\downloads\未確認... LiaoJoy
13:51 02_資安事件及異常紀錄 非法入侵 #205 (Closed-關閉): pc17(wlkygg.exe)
Description
Known malware was detected
Detection name
Win32.Sality.3
Path
i:\wlkygg.exe LiaoJoy
13:51 02_資安事件及異常紀錄 非法入侵 #204 (Closed-關閉): tc990107(tclookfac2.cab)
Description
Known malware was detected
Detection name
Gen:Variant.Lazy.391822
Path
d:\taho\soe\tcfac2_ver1.6\tcl... LiaoJoy
13:51 02_資安事件及異常紀錄 非法入侵 #203 (Closed-關閉): tphq7lap328d( office.cmd)
Description
Known malware was detected
Detection name
Trojan.GenericKD.69089948
Path
e:\20230617\winapp\offi... LiaoJoy
13:50 02_資安事件及異常紀錄 非法入侵 #202 (Closed-關閉): ulpu-zd-pc-0008(aimgr.exe)
Description
Known malware was detected
Detection name
Gen:Variant.Babar.230789
Path
c:\program files\microso... LiaoJoy
13:50 02_資安事件及異常紀錄 非法入侵 #201 (Closed-關閉): pc307(unset.exe)
Path
c:\users\miachu\appdata\local\yahoo\yset\unset.exe LiaoJoy
13:49 02_資安事件及異常紀錄 非法入侵 #200 (Closed-關閉): ksrfb20105(wretchxdv.exe)
描述
偵測到已知惡意軟體
檢測名稱
木馬.Generic.7382596
小路
e:\祕密花園\小天地\硬碟03\無名照片\wretchxdv.exe LiaoJoy
 

匯出至 Atom