This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- Cloud Delivered Security Services
- Threat & Vulnerability
- Who rated this post
Who rated this post
Cortex XDR Remote account enumeration
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-15-2022 11:21 AM
Hello,
today we have interesting alert
At least 33 distinct non-existing accounts failed to remotely log in to XX-Laptop1. Users list: name.user, user name, user.name, username
User has no idea - all day at school, behind NAT. What I cannot really understand how terminal service can be used when is user behind NAT and there is no port forwarding and any kind of redirect.
Any idea what to check next?
src. IP adresses looks ok via Virus Total
95.143.188.128
95.143.188.126
95.143.188.122
95.143.188.129
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks