Device re-detected
The system detected traffic on an inactive asset
ID Number
9000011
Signature
-
MITRE ATT&CK Technique
-
Severity
medium
Recommendations/Investigative actions
Identify the asset call the POC (Point of Contact) at the site and ask if some kind of activity was performed or he is aware for a network bug. In addition, look for a relevant cyber attack rules at the same time, it can be an attampt of the attacker to create a c&c station in the network