ET SCADA [nsacyber/ELITEWOLF] Schweitzer Engineering Laboratories SEL FTP Server Activity - Default User Account FTPUSER Login Attempt
Sourceet/open
CreatedOctober 19, 2023
UpdatedOctober 19, 2023
Classificationattempted-user
alert tcp-pkt any any -> $HOME_NET 21 (msg:"ET SCADA [nsacyber/ELITEWOLF] Schweitzer Engineering Laboratories SEL FTP Server Activity - Default User Account FTPUSER Login Attempt"; flow:established,to_server; content:"USER FTPUSER"; fast_pattern; reference:url,github.com/nsacyber/ELITEWOLF; classtype:attempted-user; sid:2048681; rev:1; metadata:affected_product Schweitzer_Engineering_Laboratories_SEL_Series, attack_target ICS, created_at 2023_10_19, deployment Perimeter, deployment Internal, performance_impact Low, confidence High, signature_severity Minor, updated_at 2023_10_19, reviewed_at 2023_10_19; target:src_ip;)
References
Metadata
affected productSchweitzer_Engineering_Laboratories_SEL_Series
attack targetICS
created at2023_10_19
deploymentInternal
performance impactLow
confidenceHigh
signature severityMinor
updated at2023_10_19
reviewed at2023_10_19
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!