專案

一般

配置概況

活動

起 2023-09-25 迄 2023-10-04

2023-10-04

16:23 非法入侵 #294 (Closed-關閉): tphq7lap328d(f_002d8d)
Path
d:\users\dennis wang\appdata\local\google\chrome\user data\default\cache\cache_data\f_002d8d Joy Liao
16:22 非法入侵 #292: tphq7lap328d(9eb9658e-a815-4c74-ae62-8cd77580d2db.tmp)
Path
d:\users\dennis wang\downloads\9eb9658e-a815-4c74-ae62-8cd77580d2db.tmp Joy Liao
16:21 非法入侵 #293 (Closed-關閉): taholt-ad17(file0005.chk、file0004.chk、file0003.chk)
Joy Liao

2023-10-03

15:02 非法入侵 #292 (Closed-關閉): tphq7lap328d(9eb9658e-a815-4c74-ae62-8cd77580d2db.tmp)
Path
d:\users\dennis wang\downloads\9eb9658e-a815-4c74-ae62-8cd77580d2db.tmp Joy Liao
14:20 非法入侵 #291 (Closed-關閉): ulpu-xd-pc-0001(lum_sdk64.dll)
Command line
"C:/Program Files (x86)/FormatFactory/net_updater64.exe" --updater win_formatfactory.pcfreetime.com Joy Liao

2023-09-28

13:42 非法入侵 #279: veolia - Incident - SSH service exposed - 60.248.4.74:22(ULPU)
INCIDENT - CLOSING

  low  
Name:

SSH service exposed - 60.248.4.74:22
Service:

  CTI   
Created at:
... Joy Liao
13:29 非法入侵 #279 (Closed-關閉): veolia - Incident - SSH service exposed - 60.248.4.74:22(ULPU)
INCIDENT - CLOSING  low  
Name:
SSH service exposed - 60.248.4.74:22
Service:  CTI   
Created at:
2023-07-19 1... Joy Liao
13:39 非法入侵 #284 (Closed-關閉): veolia - Incident - Authentication portal exposed - https://60.248.4.77:900/ - CLOSING(ULPU)

INCIDENT - CLOSING

  low  
Name:

Authentication portal exposed - https://60.248.4.77:900/
Service:

  ... Joy Liao
13:35 非法入侵 #283 (Closed-關閉): veolia - Incident - Exposed authentication portal: Fortinet - https://202.39.219.151:10443/ - CLOSING(XinDian)

INCIDENT - CLOSING

  medium  
Name:

Exposed authentication portal: Fortinet - https://202.39.219.151:10443... Joy Liao
13:33 非法入侵 #282 (Closed-關閉): veolia - Incident - Fortinet authentication portal exposed - https://118.163.66.37:10443/remote/login?lang=en - CLOSING(WC)
INCIDENT - CLOSING
  low  
Name:
Fortinet authentication portal exposed - https://118.163.66.37:10443/remote/log... Joy Liao
13:32 非法入侵 #281 (Closed-關閉): veolia - Incident - SSH service exposed - 60.248.4.77:2222 - CLOSING(ULPU)
INCIDENT - CLOSING
  low  
Name:
SSH service exposed - 60.248.4.77:2222
Service:
  CTI   
Created at:
2023... Joy Liao
13:31 非法入侵 #280 (Closed-關閉): veolia - Incident - Exposed authentication portal - https://118.163.66.42/auth.html - CLOSING(WC)
INCIDENT - CLOSING
  medium  
Name:
Exposed authentication portal - https://118.163.66.42/auth.html
Service:
... Joy Liao

2023-09-27

10:45 非法入侵 #192 (In process-進行中): pc17(wlkygg.exe)
已將網路斷線,設備交廠商處理中。 益利 周
10:44 非法入侵 #193 (In process-進行中): pc17(convert.exe)
已將網路斷線,設備交廠商處理中。 益利 周
10:44 非法入侵 #194 (In process-進行中): pc17(未確認 121125.crdownload)
已將網路斷線,設備交廠商處理中。 益利 周
10:44 非法入侵 #205 (In process-進行中): pc17(wlkygg.exe)
已將網路斷線,設備交廠商處理中。 益利 周
10:43 非法入侵 #207 (In process-進行中): pc17(未確認 121125.crdownload)
已將網路斷線,設備交廠商處理中。 益利 周
10:41 非法入侵 #198 (Resolved-解决): ulpu-xz-pc-0003(diassetup.exe)
設備已重置回原廠值,重新設定。 益利 周
10:38 非法入侵 #200 (Resolved-解决): ksrfb20105(wretchxdv.exe)
已格式化隨身硬碟,並宣導USB等外接設備 使用注意事項。 益利 周

2023-09-26

13:42 非法入侵 #215: taholt-mt08(produkey.exe)
125.227.240.165 / 192.168.5.71
B00714@TAHOHO 達鹿 蔡孟昌 益利 周
13:42 非法入侵 #214: taholt-mt08(produkey.exe)
125.227.240.165 / 192.168.5.71
B00714@TAHOHO 達鹿 蔡孟昌
 益利 周

2023-09-25

11:57 非法入侵 #214: taholt-mt08(produkey.exe)
Path
e:\20200225\desktop\produkey\x86\produkey.exe Joy Liao
11:54 非法入侵 #214 (Closed-關閉): taholt-mt08(produkey.exe)
Path
e:\20200225\desktop\produkey\x86\produkey.exe Joy Liao
11:55 非法入侵 #215 (Closed-關閉): taholt-mt08(produkey.exe)
Path
e:\c槽資料夾\users\維修公用1\desktop\produkey\x86\produkey.exe Joy Liao
 

匯出至 Atom