Managed Sentinel – Alert 250

Alert ID: MS-A250
Alert Name: COVID 19 IP address IOC detected - SonicWall
Description: This alert triggers when a connection to an IP address related to COVID-19 malware is detected in CommonSecurityLog.
Severity Level: Medium
Threat Indicator
MITRE ATT&CK Tactics: CredentialAccess, LateralMovement, PrivilegeEscalation
Log sources: Common Security Logs
False Positives
Recommendations