Closed jthough9 closed 10 months ago
Also in this paragraph, can we change "complicit user's inbox (in spam)" to "complicit user's mailbox" ? I don't think that "in spam" bit is dynamically generated from the JSON, and as such, this sentence likely won't be true for all users.
🐛 Summary
When a report is generated, the value attached to "payloads executed and connected to the CISA team's command-and-control C2 server (Not Blocked)." counts both border protection and host protection Not Blocked's, when it should only count the host protection Not Blocked's.
To reproduce
Steps to reproduce the behavior:
Expected behavior
What did you expect to happen that didn't?
We expected the total payloads executed value to match the total number of Not Blocked's in the Host Protection Column of the payloads.
Any helpful log output or screenshots
Paste the results here:
Contact PCA Analysts for more information
Add any screenshots of the problem here.