Security events mapped to MITRE ATT&CK techniques for threat intelligence:
| Severity | Tactic | Technique | Description | Occurrences | First Seen |
|---|---|---|---|---|---|
| LOW | Initial Access | T1200 - Hardware Additions | USB security device powered on and initialized | 5 | 2025-11-12 13:56:52 |
| LOW | Discovery | T1082 - System Information Discovery | General system information logged | 5 | 2025-11-12 12:49:06 |
| CRITICAL | Execution | T1059 - Command and Scripting Interpreter | Automated keystroke injection script execution initiated | 2 | 2025-11-12 12:49:07 |
| HIGH | Command and Control | T1092 - Communication Through Removable Media | Serial communication channel established with target | 1107 | 2025-11-12 12:49:16 |
| MEDIUM | Collection | T1005 - Data from Local System | Data collected and written to device storage | 2 | 2025-11-12 12:52:11 |