...
Rule ID | Rule Name | Description | Severity | Platform |
|---|---|---|---|---|
CGN-SecurityGraph-103 | Virtual Machine infected with cryptomining malware | This virtual machine (VM) is infected with a cryptomining malware. This poses a significant security risk, it is crucial to address and fix this issue promptly to prevent a potential performance degradation and data breach. | medium | azure,aws |
CGN-SecurityGraph-104 | VM Function infected with a virusThis virtual machine (VM) is infected with a virus. This finding poses cryptomining malware | A function was detected that has been infected with cryptomining malware. This is a risk that should be addressed immediately. | highmedium | aws, azure |
CGN-SecurityGraph-114 | Function infected with a virus | This serverless function is infected with a virus. This finding poses a significant security risk, it is crucial to address and fix this issue promptly to prevent a potential data breach. | medium | azure |
CGN-SecurityGraph-117 | A Virtual Machine with access to a database containing sensitive data has communicated with a malicious IP | This virtual machine (VM) has communicated with a malicious IP while having access to a sensitive database, creating a critical security risk that demands immediate action to prevent a data breach. | critical | aws |
CGN-SecurityGraph-118 | Virtual Machine with suspected CNC communication and access to sensitive database | This virtual machine was detected communicating with Command and Control (CNC) server, indicating potential unauthorized access or malware activity.The machine has access to database containing sensitive data, making it a high-value target for attackers.If CNC communication was detected, it could mean that data was exfiltrated or further compromise of the system is ongoing.Immediate action is required to investigate and mitigate this threat to prevent potential data breaches and ensure the security of sensitive information. | critical | aws |
...