Activity Feed
Explore the latest threat detections from the community.
Cobalt Strike Beacon Detected
Unusual C2 communication patterns consistent with Cobalt Strike. Lateral movement suspected.
Suspicious PowerShell Execution
A base64-encoded PowerShell command was executed, attempting to download a remote payload.
Potential Log4j Exploitation Attempt
An outbound LDAP query was observed from a public-facing web server, matching Log4Shell patterns.
Anomalous Login from New Geo-location
User account 'admin' logged in from an IP address resolving to a previously unseen country.
Phishing Link Clicked
User clicked a link in a phishing email from a known malicious domain. Endpoint requires isolation.
Tor Exit Node Connection
A server within the internal network initiated a connection to a known Tor exit node.
New Team Detection: Data Staging
Large volume of data compressed and staged in a temporary directory, awaiting exfiltration.
Team Rule: Lateral Movement via RDP
Anomalous RDP connection originating from a non-IT subnet to a critical server.