LetsDefend level 1 alert SOC101 - Phishing Mail Detected event-id 41

Details mail playbook Are there attachments or URLs in the email? Analyze Url/Attachment 9ed9ad87a1564fbb5e1b652b3e7148c8.zip Check If Mail Delivered to User? Add Artifacts cashbank[.]com Log search - End Deta…

LetsDefend level 1 alert SOC111 - Traffic to Malware Domain event-id 42

Details playbook Search Log casinos-hub[.]com Log search - Analyze URL Address Has Anyone Accessed IP/URL/Domain? Add Artifacts Endpoint - BellaPRD End Details EventID: 42 Event Time: Jan. 30, 2021, 5:25 p.m. Rule…