The Malware Servers risk vector indicates that a system is engaging in malicious activity, such as phishing, fraud, or scams. It means the company's network is hosting malware that is meant to lure visitors to a website or to send a file that injects malicious code or viruses.
Finding Details
*Availability varies based on the detection mechanism.
The details include the data in Findings, Compromised Systems details, and also the following information:
Field | Description |
---|---|
C&C Domain* | The domain name of the affected server, which is likely the C&C server or is a sinkhole. A device acting as part of a botnet was seen communicating with this server. To evade firewall filtering, this field occasionally lists a non-malicious domain. |
Listening Port | This port was observed to be open and accepting traffic (listening) on the compromised device. |
Protocol | The network protocol used in the communication attempt. |
- January 19, 2024: Findings page navigation by application.
- April 6, 2021: Forensics integrated into Findings.