https://detection.fyi/ 2026-03-31T22:33:46+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/ 2026-03-31T22:33:46+00:00 https://detection.fyi/tags/data-source-elastic-defend/ 2026-03-31T22:33:46+00:00 https://detection.fyi/elastic/detection-rules/ 2026-03-31T22:33:46+00:00 https://detection.fyi/tags/domain-endpoint/ 2026-03-31T22:33:46+00:00 https://detection.fyi/elastic/ 2026-03-31T22:33:46+00:00 https://detection.fyi/language/elastic/ 2026-03-31T22:33:46+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/initial_access_elastic_defend_alert_package_manager_ancestor/ 2026-03-31T22:33:46+00:00 https://detection.fyi/language/ 2026-03-31T22:33:46+00:00 https://detection.fyi/tags/resources-investigation-guide/ 2026-03-31T22:33:46+00:00 https://detection.fyi/tags/rule-type-higher-order-rule/ 2026-03-31T22:33:46+00:00 https://detection.fyi/tags/tactic-initial-access/ 2026-03-31T22:33:46+00:00 https://detection.fyi/tags/ 2026-03-31T22:33:46+00:00 https://detection.fyi/tags/use-case-threat-detection/ 2026-03-31T22:33:46+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_bank_of_america/ 2026-03-31T21:30:16+00:00 https://detection.fyi/language/mql/ 2026-03-31T21:30:16+00:00 https://detection.fyi/sublime-security/sublime-rules/ 2026-03-31T21:30:16+00:00 https://detection.fyi/sublime-security/ 2026-03-31T21:30:16+00:00 https://detection.fyi/tags/attack-surface-reduction/ 2026-03-31T19:46:38+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_generic_template/ 2026-03-31T19:46:38+00:00 https://detection.fyi/sublime-security/sublime-rules/header_me_aol/ 2026-03-31T18:28:30+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/command_and_control_curl_wget_spawn_via_nodejs_parent/ 2026-03-31T16:36:59+00:00 https://detection.fyi/tags/data-source-auditd-manager/ 2026-03-31T16:36:59+00:00 https://detection.fyi/tags/data-source-crowdstrike/ 2026-03-31T16:36:59+00:00 https://detection.fyi/tags/data-source-elastic-endgame/ 2026-03-31T16:36:59+00:00 https://detection.fyi/tags/data-source-sentinelone/ 2026-03-31T16:36:59+00:00 https://detection.fyi/tags/data-source-sysmon/ 2026-03-31T16:36:59+00:00 https://detection.fyi/tags/data-source-windows-security-event-logs/ 2026-03-31T16:36:59+00:00 https://detection.fyi/tags/os-linux/ 2026-03-31T16:36:59+00:00 https://detection.fyi/tags/os-macos/ 2026-03-31T16:36:59+00:00 https://detection.fyi/tags/os-windows/ 2026-03-31T16:36:59+00:00 https://detection.fyi/tags/tactic-command-and-control/ 2026-03-31T16:36:59+00:00 https://detection.fyi/sublime-security/sublime-rules/body_bec_mobile_solicitation_reply_thread/ 2026-03-31T13:49:46+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_mailchimp/ 2026-03-30T21:33:04+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_power_apps_callback/ 2026-03-30T20:38:00+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_paypal/ 2026-03-30T16:19:36+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_website_errors_solicitation/ 2026-03-30T15:51:43+00:00 https://detection.fyi/tags/attack.defense-evasion/ 2026-03-30T10:27:13+00:00 https://detection.fyi/tags/attack.initial-access/ 2026-03-30T10:27:13+00:00 https://detection.fyi/tags/attack.persistence/ 2026-03-30T10:27:13+00:00 https://detection.fyi/tags/attack.privilege-escalation/ 2026-03-30T10:27:13+00:00 https://detection.fyi/tags/attack.t1078.002/ 2026-03-30T10:27:13+00:00 https://detection.fyi/tags/attack.t1098/ 2026-03-30T10:27:13+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_modification_of_dmsa_link_attribute/ 2026-03-30T10:27:13+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_create_new_dmsasvc_account/ 2026-03-30T10:27:13+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_create_new_dmsasvc_account/ 2026-03-30T10:27:13+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/ 2026-03-30T10:27:13+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/ 2026-03-30T10:27:13+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/ 2026-03-30T10:27:13+00:00 https://detection.fyi/sigmahq/sigma/ 2026-03-30T10:27:13+00:00 https://detection.fyi/language/sigma/ 2026-03-30T10:27:13+00:00 https://detection.fyi/sigmahq/ 2026-03-30T10:27:13+00:00 https://detection.fyi/sigmahq/sigma/windows/ 2026-03-30T10:27:13+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.collection/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.credential-access/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.discovery/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.execution/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.t1005/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.t1059/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.t1059.004/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.t1059.007/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.t1083/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.t1119/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.t1195.002/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.t1203/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.t1552/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/attack.t1552.001/ 2026-03-29T12:58:59+00:00 https://detection.fyi/tags/detection.emerging-threats/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/linux/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_trufflehog/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_script_interpretor_spawn_credential_scanner/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_script_interpretor_spawn_credential_scanner/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/shai-hulud/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/shai-hulud/proc_creation_win_mal_shai_hulud_malicious_npm_package_installation/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/shai-hulud/proc_creation_lnx_mal_shai_hulud_malicious_npm_package_installation/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/shai-hulud/proc_creation_win_mal_shai_hulud_malicious_node_bun_execution/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/shai-hulud/proc_creation_lnx_mal_shai_hulud_malicious_node_bun_execution/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/shai-hulud/file_event_lnx_mal_shai_hulud_workflow/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/shai-hulud/proc_creation_lnx_mal_shai_hulud_indicator/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/shai-hulud/proc_creation_win_mal_shai_hulud_indicator/ 2026-03-29T12:58:59+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_behance_document_sharing_suspicious_language/ 2026-03-27T21:55:19+00:00 https://detection.fyi/sublime-security/sublime-rules/link_credential_phishing_secure_message/ 2026-03-27T21:47:51+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_bid_proposal_lure_with_credential_theft_indicators/ 2026-03-27T21:37:33+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_payapp/ 2026-03-27T21:09:57+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_financial_lure_activecampaign_infra/ 2026-03-27T21:08:59+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_nlu_body_or_attachments/ 2026-03-27T17:42:59+00:00 https://detection.fyi/tags/data-source-microsoft-365/ 2026-03-26T20:03:38+00:00 https://detection.fyi/tags/data-source-microsoft-365-audit-logs/ 2026-03-26T20:03:38+00:00 https://detection.fyi/tags/domain-cloud/ 2026-03-26T20:03:38+00:00 https://detection.fyi/tags/domain-identity/ 2026-03-26T20:03:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/ 2026-03-26T20:03:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/initial_access_entra_id_portal_login_atypical_travel/ 2026-03-26T20:03:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/ 2026-03-26T20:03:38+00:00 https://detection.fyi/tags/use-case-identity-and-access-audit/ 2026-03-26T20:03:38+00:00 https://detection.fyi/sublime-security/sublime-rules/body_bec_mobile_solicitation/ 2026-03-26T19:55:09+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/ 2026-03-26T19:48:23+00:00 https://detection.fyi/tags/data-source-azure/ 2026-03-26T19:48:23+00:00 https://detection.fyi/tags/data-source-microsoft-entra-id/ 2026-03-26T19:48:23+00:00 https://detection.fyi/tags/data-source-microsoft-entra-id-sign-in-logs/ 2026-03-26T19:48:23+00:00 https://detection.fyi/tags/data-source-microsoft-graph/ 2026-03-26T19:48:23+00:00 https://detection.fyi/tags/data-source-microsoft-graph-activity-logs/ 2026-03-26T19:48:23+00:00 https://detection.fyi/tags/domain-api/ 2026-03-26T19:48:23+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_graph_single_session_from_multiple_addresses/ 2026-03-26T19:48:23+00:00 https://detection.fyi/tags/tactic-defense-evasion/ 2026-03-26T19:48:23+00:00 https://detection.fyi/tags/abusech-malwarebazaar/ 2026-03-26T17:07:54+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_malwarebazaar/ 2026-03-26T17:07:54+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/privilege_escalation_chroot_execution_detected_inside_container/ 2026-03-26T16:16:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/ 2026-03-26T16:16:30+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_data_encrypted_via_openssl/ 2026-03-26T16:16:30+00:00 https://detection.fyi/tags/data-source-elastic-defend-for-containers/ 2026-03-26T16:16:30+00:00 https://detection.fyi/tags/data-source-kubernetes/ 2026-03-26T16:16:30+00:00 https://detection.fyi/tags/domain-container/ 2026-03-26T16:16:30+00:00 https://detection.fyi/tags/domain-kubernetes/ 2026-03-26T16:16:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_suspicious_file_made_executable_via_chmod_inside_a_container/ 2026-03-26T16:16:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/ 2026-03-26T16:16:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/credential_access_get_secrets_access/ 2026-03-26T16:16:30+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_suspicious_python_command_execution/ 2026-03-26T16:16:30+00:00 https://detection.fyi/tags/tactic-collection/ 2026-03-26T16:16:30+00:00 https://detection.fyi/tags/tactic-credential-access/ 2026-03-26T16:16:30+00:00 https://detection.fyi/tags/tactic-execution/ 2026-03-26T16:16:30+00:00 https://detection.fyi/tags/tactic-privilege-escalation/ 2026-03-26T16:16:30+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_common_webservices/ 2026-03-26T16:09:51+00:00 https://detection.fyi/elastic/detection-rules/windows/ 2026-03-26T16:09:51+00:00 https://detection.fyi/elastic/detection-rules/linux/ 2026-03-26T15:56:56+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_pth_file_creation/ 2026-03-26T15:56:56+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_site_and_user_customize_file_creation/ 2026-03-26T15:56:56+00:00 https://detection.fyi/tags/tactic-persistence/ 2026-03-26T15:56:56+00:00 https://detection.fyi/tags/data-source-microsoft-exchange-online-message-trace/ 2026-03-26T15:50:15+00:00 https://detection.fyi/tags/domain-email/ 2026-03-26T15:50:15+00:00 https://detection.fyi/elastic/detection-rules/integrations/microsoft_exchange_online_message_trace/initial_access_azure_monitor_callback_phishing_email/ 2026-03-26T15:50:15+00:00 https://detection.fyi/elastic/detection-rules/integrations/microsoft_exchange_online_message_trace/ 2026-03-26T15:50:15+00:00 https://detection.fyi/tags/data-source-amazon-web-services/ 2026-03-26T15:49:19+00:00 https://detection.fyi/tags/data-source-aws/ 2026-03-26T15:49:19+00:00 https://detection.fyi/tags/data-source-aws-secrets-manager/ 2026-03-26T15:49:19+00:00 https://detection.fyi/tags/data-source-azure-activity-logs/ 2026-03-26T15:49:19+00:00 https://detection.fyi/tags/data-source-gcp/ 2026-03-26T15:49:19+00:00 https://detection.fyi/tags/data-source-google-cloud-platform/ 2026-03-26T15:49:19+00:00 https://detection.fyi/tags/domain-iam/ 2026-03-26T15:49:19+00:00 https://detection.fyi/tags/domain-storage/ 2026-03-26T15:49:19+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/credential_access_multi_could_secrets_via_api/ 2026-03-26T15:49:19+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_aws_sns_callback/ 2026-03-26T15:45:24+00:00 https://detection.fyi/tags/data-source-microsoft-entra-id-audit-logs/ 2026-03-26T15:45:12+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/resource_development_entra_id_custom_domain_added_and_verified/ 2026-03-26T15:45:12+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/privilege_escalation_entra_id_tenant_domain_federation_via_audit_logs/ 2026-03-26T15:45:12+00:00 https://detection.fyi/tags/tactic-discovery/ 2026-03-26T15:45:12+00:00 https://detection.fyi/tags/tactic-resource-development/ 2026-03-26T15:45:12+00:00 https://detection.fyi/tags/domain-saas/ 2026-03-26T15:28:36+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/collection_sharepoint_file_download_via_powershell/ 2026-03-26T15:28:36+00:00 https://detection.fyi/tags/tactic-exfiltration/ 2026-03-26T15:28:36+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_microsoft_comment/ 2026-03-26T15:10:34+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_robinhood/ 2026-03-26T14:30:24+00:00 https://detection.fyi/sublime-security/sublime-rules/cred_phish_displayurl_port/ 2026-03-26T13:59:39+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/command_and_control_kubectl_networking_modification/ 2026-03-26T12:10:17+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/discovery_kubectl_permission_discovery/ 2026-03-26T12:10:17+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/discovery_kubectl_secrets_all_namespaces/ 2026-03-26T12:10:17+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_kubernetes_direct_api_request_via_curl_or_wget/ 2026-03-26T12:10:17+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/exfiltration_potential_curl_data_exfiltration/ 2026-03-26T12:10:17+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_potential_kubectl_impersonation/ 2026-03-26T12:10:17+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_potential_kubectl_masquerading/ 2026-03-26T12:10:17+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/credential_access_grep_recursive_credential_discovery/ 2026-03-26T11:27:33+00:00 https://detection.fyi/sublime-security/sublime-rules/lookalike_sender_domain/ 2026-03-25T22:53:13+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_vip_urgent_request/ 2026-03-25T22:33:22+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_vip_bec_loose/ 2026-03-25T18:38:06+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_usps/ 2026-03-25T13:58:22+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_fake_card_tracking_lure/ 2026-03-24T19:37:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_financial_account_issue_with_suspicious_indicators/ 2026-03-24T19:28:11+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_theft_cloud_storage_impersonation/ 2026-03-23T18:20:00+00:00 https://detection.fyi/elastic/detection-rules/linux/exfiltration_potential_database_dumping/ 2026-03-23T16:52:52+00:00 https://detection.fyi/tags/data-source-microsoft-defender-for-endpoint/ 2026-03-23T16:41:52+00:00 https://detection.fyi/tags/data-source-winlogbeat/ 2026-03-23T16:41:52+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_new_terms_commonly_abused_rmm/ 2026-03-23T16:41:52+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_multiple_rmm_vendors_same_host/ 2026-03-23T16:41:52+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_rmm_after_msi_install/ 2026-03-23T16:41:52+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_audit_policy_disabled_winlog/ 2026-03-23T16:25:35+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_suspicious_com_hijack_registry/ 2026-03-23T16:01:06+00:00 https://detection.fyi/tags/data-source-windows-system-event-logs/ 2026-03-23T16:01:06+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_elastic_agent_service_terminated/ 2026-03-23T16:01:06+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_persistence_account_tokenfilterpolicy/ 2026-03-23T16:01:06+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_encoding_rot13_python_script/ 2026-03-23T16:01:06+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_suspicious_process_access_direct_syscall/ 2026-03-23T16:01:06+00:00 https://detection.fyi/tags/tactic-lateral-movement/ 2026-03-23T16:01:06+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_clearing_windows_security_logs/ 2026-03-23T16:01:06+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_suspicious_subject_nlu_financial_urgent/ 2026-03-23T15:43:47+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/collection_exchange_new_inbox_rule/ 2026-03-23T14:25:58+00:00 https://detection.fyi/tags/use-case-configuration-audit/ 2026-03-23T14:25:58+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/collection_graph_email_access_by_unusual_public_client_via_graph/ 2026-03-23T14:08:47+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_graph_first_occurrence_of_client_request/ 2026-03-23T13:46:40+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_windows_script_from_internet/ 2026-03-23T12:23:51+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_ingress_transfer_bits/ 2026-03-23T12:23:51+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_startup_folder_scripts/ 2026-03-23T12:23:51+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_executable_tool_transfer_smb/ 2026-03-23T12:23:51+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_execution_via_file_shares_sequence/ 2026-03-23T12:23:51+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_teamviewer_remote_file_copy/ 2026-03-23T12:23:51+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_remote_file_copy_powershell/ 2026-03-23T12:23:51+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_remote_file_copy_scripts/ 2026-03-23T12:23:51+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_unusual_ads_file_creation/ 2026-03-23T12:23:51+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_tunnel_vscode/ 2026-03-23T11:01:12+00:00 https://detection.fyi/elastic/detection-rules/windows/exfiltration_rclone_cloud_upload/ 2026-03-23T11:01:12+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_tunnel_cloudflared/ 2026-03-23T11:01:12+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_tunnel_yuze/ 2026-03-23T11:01:12+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_velociraptor_shell_execution/ 2026-03-23T11:01:12+00:00 https://detection.fyi/tags/data-source-fortinet/ 2026-03-23T10:49:23+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/impact_alert_from_a_process_with_cpu_spike/ 2026-03-23T10:49:23+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_missing_events_after_alert/ 2026-03-23T10:49:23+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_dns_rmm_domains_non_browser/ 2026-03-23T10:49:23+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/initial_access_fortigate_ssl_vpn_login_followed_by_siem_alert/ 2026-03-23T10:49:23+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_bruteforce_multiple_logon_failure_same_srcip/ 2026-03-23T10:49:23+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_takeover_new_source_ip/ 2026-03-23T10:49:23+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_account_takeover_mixed_logon_types/ 2026-03-23T10:49:23+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_notepad_markdown_child_process/ 2026-03-23T10:49:23+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_bruteforce_admin_account/ 2026-03-23T10:49:23+00:00 https://detection.fyi/tags/tactic-impact/ 2026-03-23T10:49:23+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_apparmor_policy_access/ 2026-03-23T08:37:42+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_apparmor_policy_violation/ 2026-03-23T08:37:42+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_apparmor_profile_compilation/ 2026-03-23T08:37:42+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_apparmor_exploitation_via_sys_fs/ 2026-03-23T08:37:42+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_msiexec_remote_payload/ 2026-03-20T21:11:26+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_susp_javascript_via_deno/ 2026-03-20T21:11:26+00:00 https://detection.fyi/tags/data-source-ibm-qradar/ 2026-03-20T19:42:43+00:00 https://detection.fyi/elastic/detection-rules/promotions/ibm_qradar_external_alerts/ 2026-03-20T19:42:43+00:00 https://detection.fyi/tags/promotion-external-alerts/ 2026-03-20T19:42:43+00:00 https://detection.fyi/elastic/detection-rules/promotions/ 2026-03-20T19:42:43+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_fake_dating_profile/ 2026-03-20T18:23:08+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_meta/ 2026-03-20T17:49:24+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_procore/ 2026-03-20T14:18:08+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_zip_cve_2026_0866/ 2026-03-20T14:01:03+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_snap_confine_lpe_via_cve_2026_3888/ 2026-03-20T08:34:17+00:00 https://detection.fyi/tags/use-case-vulnerability/ 2026-03-20T08:34:17+00:00 https://detection.fyi/sublime-security/sublime-rules/link_free_file_hosting_undisclosed_recipients/ 2026-03-19T16:28:28+00:00 https://detection.fyi/tags/data-source-apache/ 2026-03-19T13:43:34+00:00 https://detection.fyi/tags/data-source-apache-tomcat/ 2026-03-19T13:43:34+00:00 https://detection.fyi/tags/data-source-iis/ 2026-03-19T13:43:34+00:00 https://detection.fyi/tags/data-source-nginx/ 2026-03-19T13:43:34+00:00 https://detection.fyi/tags/data-source-traefik/ 2026-03-19T13:43:34+00:00 https://detection.fyi/tags/domain-web/ 2026-03-19T13:43:34+00:00 https://detection.fyi/tags/tactic-reconnaissance/ 2026-03-19T13:43:34+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/reconnaissance_web_server_discovery_or_fuzzing_activity/ 2026-03-19T13:43:34+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/discovery_web_server_local_file_inclusion_activity/ 2026-03-19T13:43:34+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/persistence_web_server_potential_command_injection/ 2026-03-19T13:43:34+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/discovery_web_server_remote_file_inclusion_activity/ 2026-03-19T13:43:34+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/reconnaissance_web_server_unusual_spike_in_error_response_codes/ 2026-03-19T13:43:34+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/reconnaissance_web_server_unusual_user_agents/ 2026-03-19T13:43:34+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_substack_cred_theft_branded_button_redirects/ 2026-03-19T13:21:36+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_kernel_module_load_from_unusual_location/ 2026-03-19T12:57:34+00:00 https://detection.fyi/elastic/detection-rules/linux/exfiltration_potential_wget_data_exfiltration/ 2026-03-19T12:57:34+00:00 https://detection.fyi/tags/threat-rootkit/ 2026-03-19T12:57:34+00:00 https://detection.fyi/tags/attack.t1003/ 2026-03-19T09:26:30+00:00 https://detection.fyi/tags/attack.t1003.001/ 2026-03-19T09:26:30+00:00 https://detection.fyi/tags/attack.t1562.001/ 2026-03-19T09:26:30+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_wsass/ 2026-03-19T09:26:30+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/ 2026-03-19T09:26:30+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_win_susp_dbgcore_dbghelp_load/ 2026-03-19T09:26:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/ 2026-03-18T22:07:15+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_s3_uncommon_client_user_agent/ 2026-03-18T22:07:15+00:00 https://detection.fyi/tags/data-source-aws-cloudtrail/ 2026-03-18T22:07:15+00:00 https://detection.fyi/tags/data-source-aws-s3/ 2026-03-18T22:07:15+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_service_principal_federated_issuer_modified/ 2026-03-18T21:22:55+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_w9_invoice_lure/ 2026-03-18T18:31:52+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_docsend/ 2026-03-18T18:30:49+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_domains_by_proxy/ 2026-03-18T15:54:59+00:00 https://detection.fyi/sublime-security/sublime-rules/link_fake_copyright_claim_template/ 2026-03-18T12:06:56+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_eml_cred_theft_language/ 2026-03-17T19:15:40+00:00 https://detection.fyi/sublime-security/sublime-rules/link_sharepoint_sus_name/ 2026-03-17T18:52:52+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_sus_string_single_url/ 2026-03-17T18:39:48+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_proposal_cred_theft/ 2026-03-17T18:38:30+00:00 https://detection.fyi/sublime-security/sublime-rules/link_ipv4_in_ipv6/ 2026-03-17T18:36:38+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_potential_http_downgrade_attack/ 2026-03-17T16:28:47+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_dynamic_linker_backup/ 2026-03-17T16:12:08+00:00 https://detection.fyi/tags/threat-orbit/ 2026-03-17T16:12:08+00:00 https://detection.fyi/tags/domain-llm/ 2026-03-17T15:59:08+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_python_sensitive_file_access_first_occurrence/ 2026-03-17T15:59:08+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_python_launch_agent_or_daemon_creation_first_occurrence/ 2026-03-17T15:59:08+00:00 https://detection.fyi/elastic/detection-rules/macos/execution_python_shell_spawn_first_occurrence/ 2026-03-17T15:59:08+00:00 https://detection.fyi/elastic/detection-rules/macos/ 2026-03-17T15:59:08+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_azure_arc_cluster_credential_access_unusual_source/ 2026-03-17T15:06:47+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_azure_service_principal_signin_multiple_countries/ 2026-03-17T15:06:47+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_azure_service_principal_signin_then_arc_credential_listing/ 2026-03-17T15:06:47+00:00 https://detection.fyi/tags/data-source-azure-arc/ 2026-03-17T15:06:47+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/credential_access_azure_arc_proxy_secret_configmap_access/ 2026-03-17T15:06:47+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_archive_html_filesmb/ 2026-03-17T14:59:21+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/privilege_escalation_sharepoint_site_collection_admin_added/ 2026-03-17T14:49:24+00:00 https://detection.fyi/sublime-security/sublime-rules/html_hex_token_in_coment/ 2026-03-17T14:22:01+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_ics_exessive_custom_properties/ 2026-03-17T14:15:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/execution_cloudshell_environment_created/ 2026-03-17T12:46:59+00:00 https://detection.fyi/tags/data-source-aws-cloudshell/ 2026-03-17T12:46:59+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_fedex/ 2026-03-16T21:46:21+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_brand_wix/ 2026-03-16T21:35:22+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_google_calendar_notification/ 2026-03-16T15:29:23+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_ics_employee_policy/ 2026-03-16T14:28:01+00:00 https://detection.fyi/sublime-security/sublime-rules/link_hidden_domain_using_at_symbol_with_suspicious_indicators/ 2026-03-13T14:40:36+00:00 https://detection.fyi/sublime-security/sublime-rules/sender_local_part_contains_ip/ 2026-03-12T21:01:37+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_vip_w2_request/ 2026-03-12T20:39:59+00:00 https://detection.fyi/sublime-security/sublime-rules/link_microsoft_device_code_authentication_with_suspicious_indicators/ 2026-03-12T20:12:56+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_firebase_sender/ 2026-03-12T19:57:07+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_google_oauth_with_suspicious_redirect_destination/ 2026-03-12T18:28:31+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_booking_com/ 2026-03-12T15:37:11+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_sendgrid/ 2026-03-12T14:37:30+00:00 https://detection.fyi/sublime-security/sublime-rules/bec_fraud_self_reply_lure/ 2026-03-11T21:49:46+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_openclaw_agent_child_process/ 2026-03-11T16:46:33+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/credential_access_genai_process_sensitive_file_access/ 2026-03-11T16:46:33+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/command_and_control_genai_process_unusual_domain/ 2026-03-11T16:46:33+00:00 https://detection.fyi/tags/mitre-atlas-t0055/ 2026-03-11T16:46:33+00:00 https://detection.fyi/tags/mitre-atlas-t0085/ 2026-03-11T16:46:33+00:00 https://detection.fyi/tags/mitre-atlas-t0085.001/ 2026-03-11T16:46:33+00:00 https://detection.fyi/tags/mitre-atlas-t0086/ 2026-03-11T16:46:33+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_genai_config_modification/ 2026-03-11T16:46:33+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_mcafee/ 2026-03-11T16:22:11+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_github_noreply/ 2026-03-11T16:04:47+00:00 https://detection.fyi/sublime-security/sublime-rules/link_tycoon_uri_structure_detection/ 2026-03-10T22:46:15+00:00 https://detection.fyi/sublime-security/sublime-rules/link_commonly_abused_web_service_redirecting_to_zip_file/ 2026-03-10T18:09:18+00:00 https://detection.fyi/sublime-security/sublime-rules/link_credential_theft_with_tycoon_url_struct/ 2026-03-10T17:22:01+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_fake_copyright_infringement_notice_from_unsolicited_sender/ 2026-03-10T17:13:00+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_sexually_explicit_with_emoji_from_freemail/ 2026-03-10T14:52:56+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_first_time_seen_device_code_auth/ 2026-03-10T14:37:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_sharepoint_sharing_policy_weakened/ 2026-03-10T13:48:59+00:00 https://detection.fyi/sublime-security/sublime-rules/bec_romance_scam/ 2026-03-09T23:15:35+00:00 https://detection.fyi/sublime-security/sublime-rules/sharepoint_file_name_is_sender_name/ 2026-03-09T18:42:29+00:00 https://detection.fyi/sublime-security/sublime-rules/sus_urllink_https/ 2026-03-09T18:38:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/initial_access_iam_session_token_used_from_multiple_addresses/ 2026-03-09T17:57:57+00:00 https://detection.fyi/tags/data-source-aws-iam/ 2026-03-09T17:57:57+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_newly_observed_screenconnect_host_server/ 2026-03-09T16:33:47+00:00 https://detection.fyi/sublime-security/sublime-rules/monday_infra_abuse/ 2026-03-09T16:26:06+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_suspicious_execution_from_vscode_extension/ 2026-03-09T16:22:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/defense_evasion_decoded_payload_piped_to_interpreter/ 2026-03-09T16:03:39+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_d4c_k8s_mda_kubernetes_api_activity_by_unusual_utilities/ 2026-03-09T16:03:39+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/defense_evasion_potential_evasion_via_encoded_payload/ 2026-03-09T16:03:39+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/defense_evasion_file_creation_execution_deletion_cradle/ 2026-03-09T16:03:39+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_payload_downloaded_and_piped_to_shell/ 2026-03-09T16:03:39+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/impact_process_killing/ 2026-03-09T16:03:39+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/persistence_suspicious_echo_or_printf_execution/ 2026-03-09T16:03:39+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_suspicious_interactive_interpreter_command_execution/ 2026-03-09T16:03:39+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_tool_installation/ 2026-03-09T16:03:39+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/privilege_escalation_sensitive_workload_modification_by_user_agent/ 2026-03-09T16:03:39+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/persistence_suspicious_webserver_child_process_execution/ 2026-03-09T16:03:39+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_request_for_quote_or_purchase/ 2026-03-09T15:57:27+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/initial_access_elastic_defend_alert_genai_utility_descendant/ 2026-03-09T15:53:25+00:00 https://detection.fyi/sublime-security/sublime-rules/phishing_blue_button_file_sharing/ 2026-03-09T15:53:06+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_drawings_new_sender/ 2026-03-09T15:45:58+00:00 https://detection.fyi/sublime-security/sublime-rules/link_blogspot_explicit_romance_content/ 2026-03-09T15:14:26+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_interpreter_launched_from_decoded_payload/ 2026-03-09T14:06:14+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_vimeo_message_with_plaintext_link/ 2026-03-06T23:45:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/lateral_movement_onedrive_malware_uploaded/ 2026-03-06T22:12:45+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/lateral_movement_sharepoint_malware_uploaded/ 2026-03-06T22:12:45+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_port_monitor_print_processor_abuse/ 2026-03-06T22:12:45+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_link_sus_lang/ 2026-03-06T19:50:38+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersionation_zoom_lookalike/ 2026-03-06T16:29:04+00:00 https://detection.fyi/sublime-security/sublime-rules/sender_suspicious_display_name_from_gmail_domain/ 2026-03-06T16:19:00+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_nylas_suspect_content/ 2026-03-06T13:10:51+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_microsoft_flow_noreply/ 2026-03-05T22:26:30+00:00 https://detection.fyi/sublime-security/sublime-rules/link_apple_store_ai_advertising/ 2026-03-05T21:51:39+00:00 https://detection.fyi/sublime-security/sublime-rules/link_office365_suspicious_app_authorization/ 2026-03-05T20:34:48+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_lastpass/ 2026-03-05T15:43:17+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/initial_access_anonymous_request_authorized/ 2026-03-05T13:13:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/persistence_sensitive_role_creation_or_modification/ 2026-03-05T13:13:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/discovery_denied_service_account_request/ 2026-03-05T13:13:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/execution_forbidden_request_from_unsual_user_agent/ 2026-03-05T13:13:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/discovery_endpoint_permission_enumeration_by_anonymous_user/ 2026-03-05T13:13:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/discovery_endpoint_permission_enumeration_by_user_and_srcip/ 2026-03-05T13:13:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/discovery_suspicious_self_subject_review/ 2026-03-05T13:13:30+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/execution_unusual_request_response_by_user_agent/ 2026-03-05T13:13:30+00:00 https://detection.fyi/sublime-security/sublime-rules/link_figma_deck_cred_theft/ 2026-03-04T19:23:50+00:00 https://detection.fyi/tags/data-source-pan-os/ 2026-03-04T19:05:50+00:00 https://detection.fyi/elastic/detection-rules/network/ 2026-03-04T19:05:50+00:00 https://detection.fyi/elastic/detection-rules/network/initial_access_rpc_remote_procedure_call_from_the_internet/ 2026-03-04T19:05:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/privilege_escalation_role_assumption_by_user/ 2026-03-04T18:01:49+00:00 https://detection.fyi/tags/data-source-aws-sts/ 2026-03-04T18:01:49+00:00 https://detection.fyi/sublime-security/sublime-rules/sendgrid_hungerrush_ransom_campaign/ 2026-03-04T17:28:13+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_disney/ 2026-03-04T15:50:24+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_docsend_unsolicited_reply-to/ 2026-03-04T14:11:40+00:00 https://detection.fyi/elastic/detection-rules/ml/ 2026-03-03T19:56:30+00:00 https://detection.fyi/tags/rule-type-machine-learning/ 2026-03-03T19:56:30+00:00 https://detection.fyi/tags/rule-type-ml/ 2026-03-03T19:56:30+00:00 https://detection.fyi/elastic/detection-rules/ml/persistence_ml_rare_process_by_host_windows/ 2026-03-03T19:56:30+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_lsass_openprocess_api/ 2026-03-03T19:05:47+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_recip_email_in_link/ 2026-03-03T14:39:02+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_freemail_replyto_returnpath_mismatch/ 2026-03-03T01:30:25+00:00 https://detection.fyi/sublime-security/sublime-rules/link_direct_exe_low_rep_domain/ 2026-03-02T23:21:23+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_form_cred_theft_new_sender/ 2026-03-02T22:21:48+00:00 https://detection.fyi/sublime-security/sublime-rules/fake_warning_banner_confusables/ 2026-03-02T21:42:40+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_chase/ 2026-03-02T17:58:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_object_hash_encrypted_fake_payment_notification/ 2026-03-02T17:09:31+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_rect_coords/ 2026-03-02T17:09:27+00:00 https://detection.fyi/tags/data-source-system/ 2026-03-02T12:24:25+00:00 https://detection.fyi/elastic/detection-rules/linux/impact_process_kill_threshold/ 2026-03-02T12:24:25+00:00 https://detection.fyi/elastic/detection-rules/linux/collection_potential_audio_recording_activity/ 2026-03-02T12:24:25+00:00 https://detection.fyi/elastic/detection-rules/linux/collection_linux_clipboard_activity/ 2026-03-02T12:24:25+00:00 https://detection.fyi/elastic/detection-rules/linux/collection_potential_video_recording_or_screenshot_activity/ 2026-03-02T12:24:25+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_ld_preload_shared_object_modif/ 2026-03-02T12:24:25+00:00 https://detection.fyi/elastic/detection-rules/linux/lateral_movement_remote_file_creation_world_writeable_dir/ 2026-03-02T12:24:25+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_collection_sensitive_files/ 2026-03-02T12:24:25+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_suspicious_mkfifo_execution/ 2026-03-02T12:24:25+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_symlink_binary_to_writable_dir/ 2026-03-02T12:24:25+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_ssh_via_backdoored_system_user/ 2026-03-02T12:24:25+00:00 https://detection.fyi/elastic/detection-rules/linux/lateral_movement_unusual_remote_file_creation/ 2026-03-02T12:24:25+00:00 https://detection.fyi/tags/attack.t1614.001/ 2026-03-01T02:55:40+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_system_language_discovery/ 2026-03-01T02:55:40+00:00 https://detection.fyi/tags/attack.t1059.001/ 2026-03-01T02:47:59+00:00 https://detection.fyi/tags/attack.t1197/ 2026-03-01T02:47:59+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/bits_client/win_bits_client_new_transfer_via_uncommon_tld/ 2026-03-01T02:47:59+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/bits_client/ 2026-03-01T02:47:59+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/ 2026-03-01T02:47:59+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/code_integrity/ 2026-03-01T02:47:59+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/code_integrity/win_codeintegrity_attempted_dll_load/ 2026-03-01T02:47:59+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_non_interactive_execution/ 2026-03-01T02:47:59+00:00 https://detection.fyi/tags/attack.t1036/ 2026-02-28T13:21:29+00:00 https://detection.fyi/tags/attack.t1036.005/ 2026-02-28T13:21:29+00:00 https://detection.fyi/tags/attack.t1574.001/ 2026-02-28T13:21:29+00:00 https://detection.fyi/sigmahq/sigma/windows/file/ 2026-02-28T13:21:29+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/ 2026-02-28T13:21:29+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_creation_system_file/ 2026-02-28T13:21:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_svchost_masqueraded_execution/ 2026-02-28T13:21:29+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_cpl_from_non_system_location/ 2026-02-28T13:21:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_system_exe_anomaly/ 2026-02-28T13:21:29+00:00 https://detection.fyi/tags/attack.command-and-control/ 2026-02-28T13:12:49+00:00 https://detection.fyi/tags/attack.lateral-movement/ 2026-02-28T13:12:49+00:00 https://detection.fyi/tags/attack.t1021.004/ 2026-02-28T13:12:49+00:00 https://detection.fyi/tags/attack.t1059.003/ 2026-02-28T13:12:49+00:00 https://detection.fyi/tags/attack.t1105/ 2026-02-28T13:12:49+00:00 https://detection.fyi/tags/attack.t1219/ 2026-02-28T13:12:49+00:00 https://detection.fyi/tags/attack.t1570/ 2026-02-28T13:12:49+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_comodo_ssh_shellhost_cmd_spawn/ 2026-02-28T13:12:49+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_comodo_itsm_potentially_suspicious_file_creation/ 2026-02-28T13:12:49+00:00 https://detection.fyi/tags/attack.t1069.001/ 2026-02-28T13:06:13+00:00 https://detection.fyi/tags/attack.t1069.002/ 2026-02-28T13:06:13+00:00 https://detection.fyi/tags/attack.t1087.001/ 2026-02-28T13:06:13+00:00 https://detection.fyi/tags/attack.t1087.002/ 2026-02-28T13:06:13+00:00 https://detection.fyi/tags/attack.t1482/ 2026-02-28T13:06:13+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_bloodhound_collection/ 2026-02-28T13:06:13+00:00 https://detection.fyi/sublime-security/sublime-rules/link_sharepoint_self_sender/ 2026-02-27T15:09:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multistage_clickup/ 2026-02-27T12:56:28+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_zoom_header/ 2026-02-27T11:38:57+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_clickup_multistage/ 2026-02-27T11:29:19+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_reportlab_default_metadata/ 2026-02-27T10:49:55+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/impact_alerts_on_host_with_cpu_spike/ 2026-02-27T08:56:27+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_iam_api_calls_via_user_session_token/ 2026-02-26T22:21:18+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_aws_attempt_to_register_virtual_mfa_device/ 2026-02-26T22:21:18+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_encrypted_pdf_cred_theft/ 2026-02-26T22:16:25+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_message_id_risky_recover_production/ 2026-02-26T21:52:54+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/discovery_sharepoint_sensitive_term_search/ 2026-02-26T19:29:14+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_mfa_notification_email_deleted/ 2026-02-26T18:21:08+00:00 https://detection.fyi/tags/data-source-okta/ 2026-02-26T16:32:25+00:00 https://detection.fyi/tags/data-source-okta-system-logs/ 2026-02-26T16:32:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy/ 2026-02-26T16:32:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/ 2026-02-26T16:32:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/initial_access_okta_suspicious_activity_after_proxy_authentication/ 2026-02-26T16:32:25+00:00 https://detection.fyi/tags/data-source-onedrive/ 2026-02-26T15:38:59+00:00 https://detection.fyi/tags/data-source-sharepoint/ 2026-02-26T15:38:59+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/collection_onedrive_excessive_file_downloads/ 2026-02-26T15:38:59+00:00 https://detection.fyi/sublime-security/sublime-rules/recon_empty_message_uncommon_sender/ 2026-02-25T21:14:38+00:00 https://detection.fyi/elastic/detection-rules/linux/initial_access_telnet_auth_bypass_via_user_envar/ 2026-02-25T20:43:18+00:00 https://detection.fyi/elastic/detection-rules/linux/initial_access_telnet_auth_bypass_envar_auditd/ 2026-02-25T20:43:18+00:00 https://detection.fyi/sublime-security/sublime-rules/body_fake_safe_sender/ 2026-02-25T20:30:50+00:00 https://detection.fyi/tags/domain-network/ 2026-02-25T18:56:02+00:00 https://detection.fyi/elastic/detection-rules/network/discovery_potential_port_scan_detected/ 2026-02-25T18:56:02+00:00 https://detection.fyi/elastic/detection-rules/network/discovery_potential_network_sweep_detected/ 2026-02-25T18:56:02+00:00 https://detection.fyi/elastic/detection-rules/network/discovery_potential_syn_port_scan_detected/ 2026-02-25T18:56:02+00:00 https://detection.fyi/tags/use-case-network-security-monitoring/ 2026-02-25T18:56:02+00:00 https://detection.fyi/sublime-security/sublime-rules/vip_impersonation/ 2026-02-25T17:40:40+00:00 https://detection.fyi/sublime-security/sublime-rules/link_javascript_obfuscation_with_telegram_bot_integration/ 2026-02-25T17:35:56+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_docusign/ 2026-02-24T21:41:00+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_sendersrv/ 2026-02-24T21:39:40+00:00 https://detection.fyi/sublime-security/sublime-rules/link_url_redirecting_to_blob_url/ 2026-02-24T18:25:17+00:00 https://detection.fyi/sublime-security/sublime-rules/tax_w-8ben_documentation/ 2026-02-23T16:22:07+00:00 https://detection.fyi/sublime-security/sublime-rules/recon_email_address_harvesting_attempt/ 2026-02-23T16:15:42+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_lsass_ppl_disabled_registry/ 2026-02-23T16:09:19+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_command_prompt_connecting_to_the_internet/ 2026-02-23T16:09:19+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_suspicious_execution_from_mounted_device/ 2026-02-23T16:09:19+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_bpf_program_or_map_load/ 2026-02-23T15:33:17+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_bpf_program_tampering/ 2026-02-23T15:33:17+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_kernel_instrumentation_discovery_via_kprobes_and_tracefs/ 2026-02-23T15:33:17+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_linux_tunneling_and_port_forwarding/ 2026-02-23T09:01:42+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_linux_tunneling_via_ssh_option/ 2026-02-23T09:01:42+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_insmod_kernel_module_load/ 2026-02-23T08:48:12+00:00 https://detection.fyi/tags/data-source-suricata/ 2026-02-23T08:35:38+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/newly_observed_fortigate_alert/ 2026-02-23T08:35:38+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/newly_observed_suricata_alert/ 2026-02-23T08:35:38+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_qr_with_recipient_targeting_and_special_characters/ 2026-02-21T00:27:03+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_eml_qr_with_recipient_targeting_and_special_characters/ 2026-02-21T00:27:03+00:00 https://detection.fyi/sublime-security/sublime-rules/link_url_with_recipient_targeting_and_special_characters/ 2026-02-21T00:27:03+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_llm_attack_chain_triage_by_host/ 2026-02-20T20:43:12+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_llm_compromised_user_triage/ 2026-02-20T20:43:12+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_exchange_dlp_policy_removed/ 2026-02-20T19:00:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/initial_access_security_compliance_user_reported_phish_malware/ 2026-02-20T19:00:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/impact_security_compliance_potential_ransomware_activity/ 2026-02-20T19:00:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/impact_security_compliance_unusual_volume_of_file_deletion/ 2026-02-20T19:00:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/initial_access_security_compliance_user_restricted_from_sending_email/ 2026-02-20T19:00:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_okta_successful_login_after_credential_attack/ 2026-02-20T18:36:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_okta_brute_force_device_token_rotation/ 2026-02-20T18:36:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_okta_brute_force_multi_source/ 2026-02-20T18:36:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_okta_credential_stuffing_single_source/ 2026-02-20T18:36:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_okta_password_spray_multi_source/ 2026-02-20T18:36:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_okta_password_spray_single_source/ 2026-02-20T18:36:25+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_survey/ 2026-02-20T17:55:37+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_clearing_windows_console_history/ 2026-02-20T17:11:35+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_powershell_susp_args_via_winscript/ 2026-02-20T17:11:35+00:00 https://detection.fyi/tags/data-source-active-directory/ 2026-02-20T17:11:35+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_badsuccessor_dmsa_abuse/ 2026-02-20T17:11:35+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_adobe_hijack_persistence/ 2026-02-20T17:11:35+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_hide_encoded_executable_registry/ 2026-02-20T17:11:35+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_printspooler_service_suspicious_file/ 2026-02-20T17:11:35+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_dmsa_creation_by_unusual_user/ 2026-02-20T17:11:35+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_wsl_child_process/ 2026-02-20T17:11:35+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_masquerading_trusted_directory/ 2026-02-20T17:11:35+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_windows_powershell_susp_args/ 2026-02-20T17:11:35+00:00 https://detection.fyi/tags/use-case-active-directory-monitoring/ 2026-02-20T17:11:35+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_llm_by_user_entity/ 2026-02-20T15:57:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_s3_bucket_object_uploaded_with_ransom_keyword/ 2026-02-20T15:41:42+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_elastic_defend_behavior_rules_same_host_prevalence/ 2026-02-20T09:40:42+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_password_in_filename_bodytext/ 2026-02-19T21:11:42+00:00 https://detection.fyi/sublime-security/sublime-rules/link_direct_msi_low_rep_domain/ 2026-02-19T21:04:10+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_federated_login_by_unusual_client/ 2026-02-19T20:58:12+00:00 https://detection.fyi/elastic/detection-rules/network/command_and_control_accepted_default_telnet_port_connection/ 2026-02-19T20:15:51+00:00 https://detection.fyi/tags/data-source-sonicwall/ 2026-02-19T20:15:51+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/collection_entra_id_sharepoint_access_from_unusual_application/ 2026-02-19T15:09:15+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_from_different_modules_by_dstip/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_from_different_modules_by_srcip/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_from_different_modules_by_user/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_risky_host_esql/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/command_and_control_socks_fortigate_endpoint/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/lateral_movement_multi_alerts_new_srcip/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/lateral_movement_multi_alerts_new_userid/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_same_tactic_by_host/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_involving_user/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_external_edr_alerts_by_host/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_machine_learning_jobs_by_entity/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/newly_observed_elastic_detection_rule/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_by_host_ip_and_source_ip/ 2026-02-18T23:31:56+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_suspicious_cloud_device_registration/ 2026-02-18T22:37:17+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/discovery_ssm_inventory_reconnaissance/ 2026-02-18T20:50:14+00:00 https://detection.fyi/tags/data-source-aws-ssm/ 2026-02-18T20:50:14+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_sensitive_operations_via_cloudshell/ 2026-02-18T20:29:53+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_iam_oidc_provider_created/ 2026-02-18T20:17:13+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_iam_saml_provider_created/ 2026-02-18T20:17:13+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_gusto/ 2026-02-18T20:00:49+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_elastic_defend_netsecurity_by_host/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/lateral_movement_ml_high_mean_rdp_process_args/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/lateral_movement_ml_high_mean_rdp_session_duration/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/lateral_movement_ml_high_variance_rdp_session_duration/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/lateral_movement_ml_spike_in_connections_from_a_source_ip/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/lateral_movement_ml_spike_in_connections_to_a_destination_ip/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/lateral_movement_ml_spike_in_rdp_processes/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/lateral_movement_ml_spike_in_remote_file_transfers/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/lateral_movement_ml_rare_remote_file_directory/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/lateral_movement_ml_rare_remote_file_extension/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/lateral_movement_ml_high_remote_file_size/ 2026-02-18T17:04:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/lmd/lateral_movement_ml_unusual_time_for_an_rdp_session/ 2026-02-18T17:04:40+00:00 https://detection.fyi/tags/use-case-lateral-movement-detection/ 2026-02-18T17:04:40+00:00 https://detection.fyi/tags/data-source-powershell-logs/ 2026-02-18T15:22:24+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_index_reversal/ 2026-02-18T15:22:24+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_teams_external_access_enabled/ 2026-02-18T15:00:24+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/persistence_teams_guest_access_enabled/ 2026-02-18T15:00:24+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_timestomp_sysmon/ 2026-02-18T14:14:54+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_guardduty_member_manipulation/ 2026-02-17T21:32:20+00:00 https://detection.fyi/tags/data-source-aws-guardduty/ 2026-02-17T21:32:20+00:00 https://detection.fyi/sublime-security/sublime-rules/wordpress_login_binance_scam/ 2026-02-17T19:55:42+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_display_name_cred_theft_image/ 2026-02-17T19:04:53+00:00 https://detection.fyi/sublime-security/sublime-rules/link_hotel_url_redirect/ 2026-02-17T19:04:43+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/initial_access_identity_unusual_sso_errors_for_user/ 2026-02-17T18:55:24+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_amex/ 2026-02-17T18:17:50+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_dmidecode_system_discovery/ 2026-02-17T16:49:56+00:00 https://detection.fyi/sublime-security/sublime-rules/file_sharing_link_suspicious_subject/ 2026-02-17T15:45:12+00:00 https://detection.fyi/tags/attack.t1036.003/ 2026-02-16T11:50:13+00:00 https://detection.fyi/tags/car.2013-05-009/ 2026-02-16T11:50:13+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_binary_highly_relevant/ 2026-02-16T11:50:13+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_generic_document_sharing/ 2026-02-14T00:14:03+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_punchbowl/ 2026-02-13T21:03:04+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_amazon/ 2026-02-13T18:33:04+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_fake_tax_form_document/ 2026-02-13T18:33:04+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_russia_return_path/ 2026-02-13T18:33:04+00:00 https://detection.fyi/sublime-security/sublime-rules/link_credential_theft_with_invisible_unicode_character_in_page_title/ 2026-02-13T16:13:55+00:00 https://detection.fyi/sublime-security/sublime-rules/file_sharing_link_from_suspicious_sender_domain/ 2026-02-13T15:32:13+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/command_and_control_common_llm_endpoint/ 2026-02-13T13:54:52+00:00 https://detection.fyi/tags/attack.t1190/ 2026-02-13T01:36:03+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-40551/ 2026-02-13T01:36:03+00:00 https://detection.fyi/tags/cve.2025-26399/ 2026-02-13T01:36:03+00:00 https://detection.fyi/tags/cve.2025-40536/ 2026-02-13T01:36:03+00:00 https://detection.fyi/tags/cve.2025-40551/ 2026-02-13T01:36:03+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/ 2026-02-13T01:36:03+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-40551/proc_creation_win_exploit_cve_2025_40551/ 2026-02-13T01:36:03+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_view_prompt/ 2026-02-12T17:25:14+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_dropbox/ 2026-02-12T16:53:20+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_tiktok/ 2026-02-12T16:53:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_embluemail/ 2026-02-12T16:53:20+00:00 https://detection.fyi/sublime-security/sublime-rules/link_pdf_sender_domain_name/ 2026-02-12T16:25:17+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_google_meet/ 2026-02-12T15:38:08+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user/ 2026-02-12T14:33:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/command_and_control_interactive_file_download_from_internet/ 2026-02-12T09:52:16+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/persistence_modification_of_persistence_relevant_files/ 2026-02-12T09:52:16+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/defense_evasion_interactive_process_execution_from_suspicious_directory/ 2026-02-12T09:52:16+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/command_and_control_tunneling_and_port_forwarding/ 2026-02-12T09:52:16+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation/ 2026-02-11T19:49:33+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_posh_malicious_script_agg/ 2026-02-11T19:32:04+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_posh_hacktool_functions/ 2026-02-11T19:32:04+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_posh_psreflect/ 2026-02-11T19:32:04+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_posh_token_impersonation/ 2026-02-11T19:32:04+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_posh_portable_executable/ 2026-02-11T19:32:04+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_posh_hacktool_authors/ 2026-02-11T19:02:48+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_whitespace_special_proportion/ 2026-02-11T19:02:48+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_process_injection/ 2026-02-11T19:02:48+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_posh_invoke_sharefinder/ 2026-02-11T19:02:48+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_posh_suspicious_api_functions/ 2026-02-11T19:02:48+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_iex_string_reconstruction/ 2026-02-11T18:50:49+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_iex_env_vars_reconstruction/ 2026-02-11T18:50:49+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_reverse_keyword/ 2026-02-11T18:50:49+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_string_concat/ 2026-02-11T18:50:49+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_string_format/ 2026-02-11T18:50:49+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_backtick_var/ 2026-02-11T18:36:48+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_char_arrays/ 2026-02-11T18:36:48+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_concat_dynamic/ 2026-02-11T18:36:48+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_high_number_proportion/ 2026-02-11T18:36:48+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_obfuscation_backtick/ 2026-02-11T18:36:48+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_disable_posh_scriptblocklogging/ 2026-02-11T18:26:05+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_encryption/ 2026-02-11T18:26:05+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_defender_tampering/ 2026-02-11T18:26:05+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_compressed/ 2026-02-11T18:26:05+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_assembly_load/ 2026-02-11T18:26:05+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_zoom_comment/ 2026-02-11T15:38:06+00:00 https://detection.fyi/sublime-security/sublime-rules/paypal_invoice_abuse/ 2026-02-11T14:41:29+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_posh_high_entropy/ 2026-02-11T12:50:19+00:00 https://detection.fyi/elastic/detection-rules/macos/collection_discovery_output_written_to_suspicious_file/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/macos/discovery_dns_request_for_ip_lookup_service/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_executable_download_via_wget/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/macos/discovery_external_ip_address_discovery_via_curl/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/macos/discovery_full_disk_access_check/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/discovery_kubelet_certificate_file_access/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/persistence_cluster_admin_rolebinding_created/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/persistence_service_account_bound_to_clusterrole/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/privilege_escalation_sensitive_rbac_change_followed_by_workload_modification/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/privilege_escalation_service_account_rbac_write_operation/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_perl_outbound_network_connection/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_potential_direct_kubelet_access_via_process_args/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_kubeletctl_execution/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_script_interpreter_connection_to_non_standard_port/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_apple_mail_rule_modification/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_aws_s3_connection_via_script/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/macos/discovery_suspicious_sip_check/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/macos/discovery_system_and_network_configuration_check/ 2026-02-10T03:47:04+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_interactive_file_creation_followed_by_execution/ 2026-02-09T15:58:27+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/discovery_privilege_boundary_enumeration_from_interactive_process/ 2026-02-09T15:58:27+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/discovery_kubelet_pod_discovery_via_builtin_utilities/ 2026-02-09T15:58:27+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/discovery_service_account_namespace_read/ 2026-02-09T15:58:27+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/credential_access_service_account_token_or_cert_read/ 2026-02-09T15:58:27+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/defense_evasion_deletion_of_shell_cmdline_history/ 2026-02-09T15:58:27+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_interactive_file_creation_in_system_binary_locations/ 2026-02-09T15:58:27+00:00 https://detection.fyi/sublime-security/sublime-rules/anthropic_magic_string/ 2026-02-09T15:52:37+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_navan/ 2026-02-09T15:22:30+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/command_and_control_tunnel_qemu/ 2026-02-09T13:57:52+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_potential_webhelpdesk_exploit/ 2026-02-09T13:57:52+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_cmd_file/ 2026-02-09T08:44:55+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_ec2_serial_console_access_enabled/ 2026-02-06T22:34:55+00:00 https://detection.fyi/tags/data-source-aws-ec2/ 2026-02-06T22:34:55+00:00 https://detection.fyi/sublime-security/sublime-rules/recon_empty_subject_reply-to_mismatch/ 2026-02-06T21:02:51+00:00 https://detection.fyi/sublime-security/sublime-rules/link_susp_gophp/ 2026-02-06T20:36:42+00:00 https://detection.fyi/sublime-security/sublime-rules/link_credential_phishing_copy_paste_instructions/ 2026-02-06T18:00:39+00:00 https://detection.fyi/sublime-security/sublime-rules/link_new_domain_in_link_first_time_sender/ 2026-02-06T17:16:43+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_curl_execution_via_shell_profile/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_dylib_injection_via_env_vars/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_gatekeeper_override_and_execution/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_google_calendar_c2_via_script/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_manual_chromium_extension_loading/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_network_connection_to_oast_domain/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/collection_pbpaste_execution_via_unusual_parent/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_hidden_plist_filename/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_suspicious_launch_agent_or_launch_daemon/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_potential_etherhiding_c2/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/discovery_security_software_grep/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/collection_sensitive_file_access_followed_by_compression/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_suspicious_curl_from_macos_application/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_suspicious_curl_to_google_app_script/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/lateral_movement_suspicious_curl_to_jamf_endpoint/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_suspicious_file_creation_via_pkg_install_script/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_suspicious_outbound_network_via_unsigned_binary/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_startup_item_plist_creation/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_suspicious_tcc_access_granted/ 2026-02-06T16:53:44+00:00 https://detection.fyi/elastic/detection-rules/macos/execution_unusual_library_load_via_python/ 2026-02-06T16:53:44+00:00 https://detection.fyi/sublime-security/sublime-rules/link_sharepoint_filename_org/ 2026-02-06T16:20:44+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_ms_teams_invite/ 2026-02-06T15:53:18+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_apple_testflight/ 2026-02-06T15:50:19+00:00 https://detection.fyi/sublime-security/sublime-rules/canva_infra_abuse/ 2026-02-06T14:35:50+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_ms_planner/ 2026-02-06T10:36:23+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_docker_socket_discovery/ 2026-02-06T08:38:56+00:00 https://detection.fyi/elastic/detection-rules/linux/lateral_movement_kubeconfig_file_activity/ 2026-02-06T08:38:56+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_kubeconfig_file_discovery/ 2026-02-06T08:38:56+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_kubectl_apply_pod_from_url/ 2026-02-06T08:38:56+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_kubernetes_sensitive_file_activity/ 2026-02-06T08:38:56+00:00 https://detection.fyi/sublime-security/sublime-rules/link_fake_fax_low_reputation/ 2026-02-05T22:51:36+00:00 https://detection.fyi/elastic/detection-rules/integrations/problemchild/defense_evasion_ml_suspicious_windows_event_high_probability/ 2026-02-05T20:54:26+00:00 https://detection.fyi/elastic/detection-rules/integrations/problemchild/ 2026-02-05T20:54:26+00:00 https://detection.fyi/tags/use-case-living-off-the-land-attack-detection/ 2026-02-05T20:54:26+00:00 https://detection.fyi/tags/deliverability-testing/ 2026-02-05T20:33:30+00:00 https://detection.fyi/sublime-security/sublime-rules/recon_recipients_bccd_undisclosed/ 2026-02-05T20:33:30+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_unload_endpointsecurity_kext/ 2026-02-05T17:20:16+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/impact_hosts_file_modified/ 2026-02-05T17:20:16+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_safari_config_change/ 2026-02-05T17:20:16+00:00 https://detection.fyi/elastic/detection-rules/macos/lateral_movement_credential_access_kerberos_bifrostconsole/ 2026-02-05T17:20:16+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_privilege_escalation_privacy_pref_sshd_fulldiskaccess/ 2026-02-05T17:20:16+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_promt_for_pwd_via_osascript/ 2026-02-05T17:20:16+00:00 https://detection.fyi/sublime-security/sublime-rules/clickfunnels_infra_abuse/ 2026-02-05T15:07:40+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_legal_pdf/ 2026-02-05T14:38:23+00:00 https://detection.fyi/sublime-security/sublime-rules/macos_applescript_double_extension_malware/ 2026-02-05T13:47:43+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_exchange_new_inbox_rule_delete_or_move/ 2026-02-05T13:02:57+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/ 2026-02-05T12:24:21+00:00 https://detection.fyi/tags/data-source-github/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_agent_spoofing_mismatched_id/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_cap_sys_admin_added_to_new_binary/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_creation_of_kernel_module/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_pentest_eggshell_remote_admin_tool/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_pdf_written_file/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_creation_modif_launch_deamon_sequence/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_credential_access_modify_auth_module_or_config/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/privilege_escalation_netcon_via_sudo_binary/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_curl_cve_2023_38545_heap_overflow/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_non_standard_http_port/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_non_standard_ssh_port/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/privilege_escalation_linux_uid_int_max_bug/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_linux_chisel_server_activity/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/discovery_pspy_process_monitoring_detected/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/credential_access_potential_successful_linux_ftp_bruteforce/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/credential_access_potential_successful_linux_rdp_bruteforce/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_process_termination_followed_by_deletion/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/lateral_movement_ssh_process_launched_inside_container/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/privilege_escalation_sudo_buffer_overflow/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_rename_esxi_index_file/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/exfiltration_github_private_repository_turned_public/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/defense_evasion_secret_scanning_disabled/ 2026-02-05T12:24:21+00:00 https://detection.fyi/tags/rule-type-bbr/ 2026-02-05T12:24:21+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_unsigned_dll_loaded_from_suspdir/ 2026-02-04T17:16:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_command_shell_started_by_svchost/ 2026-02-04T12:42:50+00:00 https://detection.fyi/tags/attack.t1557/ 2026-02-04T11:08:03+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/ 2026-02-04T11:08:03+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_gup_query_to_uncommon_domains/ 2026-02-04T11:08:03+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_gup_susp_child_process/ 2026-02-04T11:08:03+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_gup_uncommon_file_creation/ 2026-02-04T11:08:03+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/privilege_escalation_container_created_with_excessive_linux_capabilities/ 2026-02-04T09:42:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/privilege_escalation_pod_created_with_sensitive_hostpath_volume/ 2026-02-04T09:42:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/privilege_escalation_pod_created_with_hostipc/ 2026-02-04T09:42:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/privilege_escalation_pod_created_with_hostnetwork/ 2026-02-04T09:42:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/privilege_escalation_pod_created_with_hostpid/ 2026-02-04T09:42:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/privilege_escalation_privileged_pod_created/ 2026-02-04T09:42:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/privilege_escalation_suspicious_assignment_of_controller_service_account/ 2026-02-04T09:42:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/execution_user_exec_to_pod/ 2026-02-04T09:42:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/execution_anonymous_create_update_patch_pod_request/ 2026-02-04T08:58:42+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/discovery_potential_cluster_enumeration_via_jq/ 2026-02-04T08:58:42+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_netflix/ 2026-02-03T20:14:54+00:00 https://detection.fyi/sublime-security/sublime-rules/link_hidden_dir/ 2026-02-03T16:21:33+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_microsoft/ 2026-02-03T15:09:38+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_unusual_network_connection_to_suspicious_web_service/ 2026-02-03T14:38:14+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_trello_board_invite_vip/ 2026-02-03T14:32:23+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_marriott/ 2026-02-02T16:31:26+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_wetransfer/ 2026-01-30T15:39:02+00:00 https://detection.fyi/tags/data-source-fortinet-fortigate/ 2026-01-30T15:16:34+00:00 https://detection.fyi/elastic/detection-rules/network/initial_access_newly_observed_fortigate_admin_logon/ 2026-01-30T15:16:34+00:00 https://detection.fyi/elastic/detection-rules/network/persistence_fortigate_admin_creation_unusual_source/ 2026-01-30T15:16:34+00:00 https://detection.fyi/elastic/detection-rules/network/initial_access_fortigate_admin_login_multi_srcip/ 2026-01-30T15:16:34+00:00 https://detection.fyi/elastic/detection-rules/network/collection_fortigate_config_download/ 2026-01-30T15:16:34+00:00 https://detection.fyi/elastic/detection-rules/network/initial_access_fortigate_sso_login_from_unusual_source/ 2026-01-30T15:16:34+00:00 https://detection.fyi/elastic/detection-rules/network/defense_evasion_fortigate_overly_permissive_firewall_policy/ 2026-01-30T15:16:34+00:00 https://detection.fyi/elastic/detection-rules/network/persistence_fortigate_sso_login_followed_by_admin_creation/ 2026-01-30T15:16:34+00:00 https://detection.fyi/elastic/detection-rules/network/persistence_fortigate_super_admin_account_creation/ 2026-01-30T15:16:34+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_free_email_masquerade_vip/ 2026-01-30T13:21:47+00:00 https://detection.fyi/sublime-security/sublime-rules/link_9wolf_phishkit_initial_landing_uri/ 2026-01-30T00:13:09+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_qr_with_recipient_targeting_and_redir_struct/ 2026-01-30T00:12:50+00:00 https://detection.fyi/sublime-security/sublime-rules/link_url_repeating_hex_pattern_with_periods/ 2026-01-29T15:50:13+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_ics_svg_js/ 2026-01-29T15:49:55+00:00 https://detection.fyi/sublime-security/sublime-rules/link_html_frag_binary_end/ 2026-01-29T15:24:43+00:00 https://detection.fyi/sublime-security/sublime-rules/link_40hex_rcpt_base64/ 2026-01-29T15:06:35+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_excel_sharing_go_excelize/ 2026-01-29T15:04:21+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_office_sharing_sus_ocr/ 2026-01-29T14:47:36+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_sender_o365_mail/ 2026-01-29T14:44:01+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_okta_aitm_session_cookie_replay/ 2026-01-29T13:58:59+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/ 2026-01-29T11:52:08+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_delete/ 2026-01-29T11:52:08+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/ 2026-01-29T11:52:08+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_credential_guard_disabled/ 2026-01-29T11:52:08+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_credential_guard_registry_tampering/ 2026-01-29T11:52:08+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_delete/registry_delete_disable_credential_guard/ 2026-01-29T11:52:08+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_amsi_disable/ 2026-01-29T11:38:48+00:00 https://detection.fyi/tags/attack.t1562.006/ 2026-01-29T11:38:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_amsi_registry_tampering/ 2026-01-29T11:38:48+00:00 https://detection.fyi/tags/attack.s0190/ 2026-01-29T11:37:55+00:00 https://detection.fyi/tags/attack.t1218/ 2026-01-29T11:37:55+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bitsadmin_download/ 2026-01-29T11:37:55+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bitsadmin_download_susp_targetfolder/ 2026-01-29T11:37:55+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bitsadmin_download_susp_extensions/ 2026-01-29T11:37:55+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_legitimate_app_dropping_in_uncommon_location/ 2026-01-29T11:37:55+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bitsadmin_download_direct_ip/ 2026-01-29T11:37:55+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bitsadmin_download_file_sharing_domains/ 2026-01-29T11:37:55+00:00 https://detection.fyi/tags/attack.t1112/ 2026-01-29T11:23:46+00:00 https://detection.fyi/tags/attack.t1547.001/ 2026-01-29T11:23:46+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_direct_asep_registry_keys_modification/ 2026-01-29T11:23:46+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_susp_user_shell_folders/ 2026-01-29T11:23:46+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_user_shell_folders_registry_modification/ 2026-01-29T11:23:46+00:00 https://detection.fyi/sublime-security/sublime-rules/link_mamba_2fa_phishing_kit/ 2026-01-28T20:15:55+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_corporate_services_impersonation_with_suspicious_link/ 2026-01-28T19:58:34+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_aramco/ 2026-01-28T19:58:23+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/impact_newly_observed_process_with_high_cpu/ 2026-01-28T17:38:22+00:00 https://detection.fyi/tags/use-case-observavility/ 2026-01-28T17:38:22+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_employment_contract_update/ 2026-01-28T16:05:51+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_shellexplorer1/ 2026-01-28T15:44:55+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/impact_high_number_of_protected_branch_force_pushes_by_user/ 2026-01-28T03:38:39+00:00 https://detection.fyi/sublime-security/sublime-rules/recon_hotel_booking_reply_to_redirect/ 2026-01-27T19:34:59+00:00 https://detection.fyi/sublime-security/sublime-rules/recon_short_generic_greeting/ 2026-01-27T16:02:14+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/command_and_control_curl_socks_proxy_detected_inside_container/ 2026-01-27T08:58:06+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_d4c_k8s_mda_direct_interactive_kubernetes_api_request_by_usual_utilities/ 2026-01-27T08:58:06+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_direct_interactive_kubernetes_api_request/ 2026-01-27T08:58:06+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/discovery_dns_enumeration/ 2026-01-27T08:58:06+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/discovery_environment_enumeration/ 2026-01-27T08:58:06+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_d4c_k8s_mda_forbidden_direct_interactive_kubernetes_api_request/ 2026-01-27T08:58:06+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_d4c_k8s_mda_service_account_token_access_followed_by_kubernetes_api_request/ 2026-01-27T08:58:06+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/discovery_tool_enumeration/ 2026-01-27T08:58:06+00:00 https://detection.fyi/sublime-security/sublime-rules/link_recipient_email_in_eta_param/ 2026-01-27T03:31:28+00:00 https://detection.fyi/sublime-security/sublime-rules/link_dynamics_form/ 2026-01-27T03:30:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hvci_registry_tampering/ 2026-01-26T22:53:42+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vulnerable_driver_blocklist_registry_tampering/ 2026-01-26T22:53:42+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_deviceguard_hypervisorenforcedcodeintegrity_disabled/ 2026-01-26T22:53:42+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_vulnerable_driver_blocklist_disable/ 2026-01-26T22:53:42+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_mimikatz_powershell_module/ 2026-01-26T22:35:05+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_posh_invoke_ninjacopy/ 2026-01-26T22:35:05+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_posh_kerb_ticket_dump/ 2026-01-26T22:35:05+00:00 https://detection.fyi/elastic/detection-rules/windows/collection_posh_webcam_video_capture/ 2026-01-26T22:35:05+00:00 https://detection.fyi/elastic/detection-rules/windows/collection_posh_screen_grabber/ 2026-01-26T22:35:05+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_amsi_bypass_powershell/ 2026-01-26T22:11:29+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_posh_relay_tools/ 2026-01-26T22:11:29+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_posh_request_ticket/ 2026-01-26T22:11:29+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_posh_minidump/ 2026-01-26T22:11:29+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_posh_veeam_sql/ 2026-01-26T22:11:29+00:00 https://detection.fyi/elastic/detection-rules/windows/collection_mailbox_export_winlog/ 2026-01-26T22:01:48+00:00 https://detection.fyi/elastic/detection-rules/windows/collection_posh_keylogger/ 2026-01-26T22:01:48+00:00 https://detection.fyi/elastic/detection-rules/windows/collection_posh_mailbox/ 2026-01-26T22:01:48+00:00 https://detection.fyi/elastic/detection-rules/windows/collection_posh_audio_capture/ 2026-01-26T22:01:48+00:00 https://detection.fyi/elastic/detection-rules/windows/collection_posh_clipboard_capture/ 2026-01-26T22:01:48+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_monday_callback/ 2026-01-26T21:34:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_fake_lawyer_sports_agent/ 2026-01-26T20:36:11+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_oauth_phishing_via_first_party_microsoft_application/ 2026-01-26T19:55:18+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_ics_meeting_invite/ 2026-01-26T19:54:53+00:00 https://detection.fyi/tags/attack.t1564.003/ 2026-01-26T19:02:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_launched_with_hidden_start_flag/ 2026-01-26T19:02:52+00:00 https://detection.fyi/tags/data-source-apm/ 2026-01-26T17:26:17+00:00 https://detection.fyi/tags/data-source-wiz/ 2026-01-26T17:26:17+00:00 https://detection.fyi/elastic/detection-rules/promotions/external_alerts/ 2026-01-26T17:26:17+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_vulnerabilities_wiz_by_container/ 2026-01-26T17:26:17+00:00 https://detection.fyi/elastic/detection-rules/linux/exfiltration_unusual_file_transfer_utility_launched/ 2026-01-26T16:34:16+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_frequent_egress_netcon_from_sus_executable/ 2026-01-26T16:34:16+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/newly_observed_elastic_defend_alert/ 2026-01-26T16:34:16+00:00 https://detection.fyi/elastic/detection-rules/linux/impact_potential_bruteforce_malware_infection/ 2026-01-26T16:34:16+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_port_scanning_activity_from_compromised_host/ 2026-01-26T16:34:16+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_subnet_scanning_activity_from_compromised_host/ 2026-01-26T16:34:16+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_base64_decoding_activity/ 2026-01-26T16:34:16+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_web_server_sus_command_execution/ 2026-01-26T16:34:16+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_web_server_sus_child_spawned/ 2026-01-26T16:34:16+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_network_manager_dispatcher_persistence/ 2026-01-26T16:08:49+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_systemd_netcon/ 2026-01-26T16:08:49+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_udev_rule_creation/ 2026-01-26T16:08:49+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_yum_package_manager_plugin_file_creation/ 2026-01-26T16:08:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/credential_access_cloud_creds_search_inside_a_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_container_management_binary_launched_inside_a_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/container_workload_protection/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/privilege_escalation_debugfs_launched_inside_a_privileged_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/defense_evasion_ld_preload_shared_object_modified_inside_a_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_interactive_exec_to_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_interactive_shell_spawned_from_inside_a_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/privilege_escalation_mount_launched_inside_a_privileged_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/execution_netcat_listener_established_inside_a_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/privilege_escalation_potential_container_escape_via_modified_notify_on_release_file/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/privilege_escalation_potential_container_escape_via_modified_release_agent_file/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/credential_access_collection_sensitive_files_compression_inside_a_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/credential_access_sensitive_keys_or_passwords_search_inside_a_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/persistence_ssh_authorized_keys_modification_inside_a_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/cloud_defend/discovery_suspicious_network_tool_launched_inside_a_container/ 2026-01-26T15:37:34+00:00 https://detection.fyi/elastic/detection-rules/windows/impact_high_freq_file_renames_by_kernel/ 2026-01-26T13:15:54+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_rare_webdav_destination/ 2026-01-26T12:51:09+00:00 https://detection.fyi/tags/attack.t1546.001/ 2026-01-24T17:54:59+00:00 https://detection.fyi/tags/attack.t1548.002/ 2026-01-24T17:54:59+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_registry_modification_of_ms_setting_protocol_handler/ 2026-01-24T17:54:59+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/ 2026-01-24T17:54:59+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_shell_open_keys_manipulation/ 2026-01-24T17:54:59+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_susp_shell_open_keys_modification_patterns/ 2026-01-24T17:54:59+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxdeployment_server/ 2026-01-24T16:04:41+00:00 https://detection.fyi/tags/attack.t1204.002/ 2026-01-24T16:04:41+00:00 https://detection.fyi/tags/attack.t1553.005/ 2026-01-24T16:04:41+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_install_unsigned_appx_packages/ 2026-01-24T16:04:41+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_install_unsigned_appx_packages/ 2026-01-24T16:04:41+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxdeployment_server/win_appxpackaging_server_full_trust_package_installation/ 2026-01-24T16:04:41+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxdeployment_server/win_appxpackaging_server_unsigned_package_installation/ 2026-01-24T16:04:41+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msix_ai_stub_execution/ 2026-01-24T16:04:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_oauth_auth_code_grant_unusual_app_resource_user/ 2026-01-24T13:51:23+00:00 https://detection.fyi/tags/attack.reconnaissance/ 2026-01-24T11:37:27+00:00 https://detection.fyi/tags/attack.t1595.002/ 2026-01-24T11:37:27+00:00 https://detection.fyi/sigmahq/sigma/network/dns/ 2026-01-24T11:37:27+00:00 https://detection.fyi/sigmahq/sigma/network/dns/net_dns_external_service_interaction_domains/ 2026-01-24T11:37:27+00:00 https://detection.fyi/sigmahq/sigma/network/ 2026-01-24T11:37:27+00:00 https://detection.fyi/tags/attack.t1543.003/ 2026-01-24T11:36:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_devcon_disable_vmci_driver/ 2026-01-24T11:36:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_kdu_driver_tool/ 2026-01-24T11:36:29+00:00 https://detection.fyi/sigmahq/sigma/application/ 2026-01-24T11:32:10+00:00 https://detection.fyi/tags/attack.t1021.001/ 2026-01-24T11:32:10+00:00 https://detection.fyi/tags/attack.t1046/ 2026-01-24T11:32:10+00:00 https://detection.fyi/tags/attack.t1133/ 2026-01-24T11:32:10+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/ 2026-01-24T11:32:10+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_portscan_syn_scan/ 2026-01-24T11:32:10+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_portscan_nmap_fin_scan/ 2026-01-24T11:32:10+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_portscan_nmap_null_scan/ 2026-01-24T11:32:10+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_portscan_nmap_os_scan/ 2026-01-24T11:32:10+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_portscan_nmap_xmas_scan/ 2026-01-24T11:32:10+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_rdp_connection_attempt/ 2026-01-24T11:32:10+00:00 https://detection.fyi/tags/attack.t1047/ 2026-01-24T11:25:13+00:00 https://detection.fyi/tags/attack.t1059.005/ 2026-01-24T11:25:13+00:00 https://detection.fyi/tags/attack.t1220/ 2026-01-24T11:25:13+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_squiblytwo_bypass/ 2026-01-24T11:25:13+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_wmic_remote_xsl_scripting_dlls/ 2026-01-24T11:25:13+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_xsl_script_processing/ 2026-01-24T11:25:13+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_create_non_existent_dlls/ 2026-01-24T11:04:15+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_non_existent_dlls/ 2026-01-24T11:04:15+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_potential_oci_dll_redirection/ 2026-01-24T11:04:15+00:00 https://detection.fyi/tags/attack.t1548/ 2026-01-24T10:51:42+00:00 https://detection.fyi/tags/attack.t1554/ 2026-01-24T10:51:42+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_capa_discovery/ 2026-01-24T10:51:42+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_cap_setgid/ 2026-01-24T10:51:42+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_cap_setuid/ 2026-01-24T10:51:42+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_reply_to_wildcard_sender/ 2026-01-23T21:34:35+00:00 https://detection.fyi/tags/data-source-entra-id/ 2026-01-23T21:25:51+00:00 https://detection.fyi/tags/data-source-entra-id-sign-in/ 2026-01-23T21:25:51+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_azure_entra_susp_device_code_signin/ 2026-01-23T21:25:51+00:00 https://detection.fyi/sublime-security/sublime-rules/phaas_impact_solutions/ 2026-01-23T19:24:24+00:00 https://detection.fyi/sublime-security/sublime-rules/link_sharepoint_invalid_recipient_domain/ 2026-01-23T16:27:27+00:00 https://detection.fyi/sublime-security/sublime-rules/file_sharing_with_template_artifacts/ 2026-01-23T16:22:25+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/newly_observed_panos_alert/ 2026-01-23T12:22:21+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/command_and_control_suricata_elastic_defend_c2/ 2026-01-23T12:02:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/defense_evasion_events_deleted/ 2026-01-23T09:41:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/execution_forbidden_creation_request/ 2026-01-23T09:41:20+00:00 https://detection.fyi/sublime-security/sublime-rules/link_tycoon/ 2026-01-23T04:24:57+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_adobe_document_approval/ 2026-01-23T01:42:43+00:00 https://detection.fyi/sublime-security/sublime-rules/body_extortion/ 2026-01-22T20:41:46+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_cloudtrail_logging_deleted/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_cloudtrail_logging_evasion/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_cloudtrail_logging_suspended/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_cloudwatch_alarm_deletion/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_cloudwatch_log_group_deletion/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_cloudwatch_log_stream_deletion/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_configuration_recorder_stopped/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_ec2_ebs_snapshot_access_removed/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_ec2_ebs_snapshot_shared_with_another_account/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_ec2_full_network_packet_capture_detected/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/lateral_movement_ec2_instance_connect_ssh_public_key_uploaded/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_efs_filesystem_deleted/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_guardduty_detector_deletion/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/privilege_escalation_iam_update_assume_role_policy/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/privilege_escalation_iam_customer_managed_policy_attached_to_role/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_iam_deactivate_mfa_device/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_iam_roles_anywhere_trusted_anchor_created_with_external_ca/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_lambda_backdoor_invoke_function_for_any_principal/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_rds_instance_made_public/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_rds_instance_cluster_deletion/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_rds_instance_cluster_deletion_protection_disabled/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_rds_db_instance_password_modified/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_rds_instance_restored/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_rds_snapshot_shared_with_another_account/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_route_53_domain_transferred_to_another_account/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_route53_dns_query_resolver_config_deletion/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_s3_bucket_replicated_to_external_account/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_sns_rare_protocol_subscription_by_user/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/credential_access_retrieve_secure_string_parameters_via_ssm/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_waf_acl_deletion/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_waf_rule_or_rule_group_deletion/ 2026-01-22T20:01:49+00:00 https://detection.fyi/tags/data-source-amazon-cloudwatch/ 2026-01-22T20:01:49+00:00 https://detection.fyi/tags/data-source-aws-config/ 2026-01-22T20:01:49+00:00 https://detection.fyi/tags/data-source-aws-efs/ 2026-01-22T20:01:49+00:00 https://detection.fyi/tags/data-source-aws-lambda/ 2026-01-22T20:01:49+00:00 https://detection.fyi/tags/data-source-aws-rds/ 2026-01-22T20:01:49+00:00 https://detection.fyi/tags/data-source-aws-route-53/ 2026-01-22T20:01:49+00:00 https://detection.fyi/tags/data-source-aws-sns/ 2026-01-22T20:01:49+00:00 https://detection.fyi/tags/data-source-aws-systems-manager/ 2026-01-22T20:01:49+00:00 https://detection.fyi/tags/data-source-aws-waf/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/credential_access_new_terms_secretsmanager_getsecretvalue/ 2026-01-22T20:01:49+00:00 https://detection.fyi/tags/use-case-asset-visibility/ 2026-01-22T20:01:49+00:00 https://detection.fyi/tags/use-case-log-auditing/ 2026-01-22T20:01:49+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_sap_netweaver_webshell_exec/ 2026-01-22T18:58:02+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_sap_netweaver_jsp_webshell/ 2026-01-22T18:58:02+00:00 https://detection.fyi/sublime-security/sublime-rules/link_credential_phishing_voicemail_language/ 2026-01-22T15:33:44+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_powerbi_noreply/ 2026-01-22T14:55:18+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_calendar_invite/ 2026-01-22T03:54:18+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_authentisign/ 2026-01-21T23:35:51+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_pw_protected_fake_document/ 2026-01-21T21:19:32+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_blockchain/ 2026-01-21T20:39:26+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_invoice_w9_pdfs/ 2026-01-21T20:17:42+00:00 https://detection.fyi/sublime-security/sublime-rules/link_display_text_excessive_right_to_left_marks/ 2026-01-21T18:22:39+00:00 https://detection.fyi/sublime-security/sublime-rules/link_self_sender_doc_review/ 2026-01-21T14:52:54+00:00 https://detection.fyi/sublime-security/sublime-rules/job_scam_specific_salary/ 2026-01-21T14:09:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multiple_rewrite_encoders_high/ 2026-01-21T03:21:13+00:00 https://detection.fyi/tags/data-source-aws-redshift/ 2026-01-20T21:05:39+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/exfiltration_ec2_vm_export_failure/ 2026-01-20T21:05:39+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_elasticache_security_group_creation/ 2026-01-20T21:05:39+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_elasticache_security_group_modified_or_deleted/ 2026-01-20T21:05:39+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_rds_cluster_creation/ 2026-01-20T21:05:39+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_rds_instance_creation/ 2026-01-20T21:05:39+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/impact_rds_instance_cluster_stoppage/ 2026-01-20T21:05:39+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_rds_group_creation/ 2026-01-20T21:05:39+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/impact_rds_group_deletion/ 2026-01-20T21:05:39+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_redshift_instance_creation/ 2026-01-20T21:05:39+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/collection_cloudtrail_logging_created/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_cloudtrail_logging_updated/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_config_service_rule_deletion/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/discovery_multiple_discovery_api_calls_via_cli/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/discovery_ec2_deprecated_ami_discovery/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_ec2_disable_ebs_encryption/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_ec2_export_task/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/lateral_movement_ec2_instance_console_login/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_ec2_network_acl_creation/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_ec2_network_acl_deletion/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_route_table_created/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_ec2_security_group_configuration_change_detection/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_aws_eventbridge_rule_disabled_or_deleted/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_sts_get_federation_token/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/privilege_escalation_iam_administratoraccess_policy_attached_to_group/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/privilege_escalation_iam_administratoraccess_policy_attached_to_role/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/privilege_escalation_iam_administratoraccess_policy_attached_to_user/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_iam_group_creation/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_iam_group_deletion/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_iam_create_login_profile_for_root/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/discovery_iam_principal_enumeration_via_update_assume_role_policy/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_iam_roles_anywhere_profile_created/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/privilege_escalation_iam_saml_provider_updated/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/credential_access_iam_user_addition_to_group/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_iam_user_created_access_keys_for_another_user/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_kms_cmk_disabled_or_scheduled_for_deletion/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/execution_lambda_external_layer_added_to_function/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/credential_access_root_console_failure_brute_force/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/initial_access_console_login_root/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_rds_snapshot_deleted/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_rds_snapshot_export/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_route_53_domain_transfer_lock_disabled/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_route_53_hosted_zone_associated_with_a_vpc/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_s3_bucket_configuration_deletion/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_aws_s3_bucket_enumeration_or_brute_force/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_s3_bucket_lifecycle_expiration_added/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_s3_bucket_policy_added_for_public_access/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_s3_bucket_policy_added_for_external_account_access/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_s3_bucket_server_access_logging_disabled/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_s3_object_encryption_with_external_key/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_s3_object_versioning_disabled/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/collection_s3_unauthenticated_bucket_access_by_rare_source/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/discovery_servicequotas_multi_region_service_quota_requests/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/initial_access_signin_console_login_federated_user/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/initial_access_password_recovery/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/resource_development_sns_topic_created_by_rare_user/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_sqs_purge_queue/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_sts_assume_role_with_new_mfa/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/privilege_escalation_sts_assume_root_from_rare_user_and_member_account/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/privilege_escalation_sts_role_chaining/ 2026-01-20T20:52:48+00:00 https://detection.fyi/tags/data-source-amazon-s3/ 2026-01-20T20:52:48+00:00 https://detection.fyi/tags/data-source-aws-cloudfront/ 2026-01-20T20:52:48+00:00 https://detection.fyi/tags/data-source-aws-dynamodb/ 2026-01-20T20:52:48+00:00 https://detection.fyi/tags/data-source-aws-elastic-load-balancing/ 2026-01-20T20:52:48+00:00 https://detection.fyi/tags/data-source-aws-eventbridge/ 2026-01-20T20:52:48+00:00 https://detection.fyi/tags/data-source-aws-kms/ 2026-01-20T20:52:48+00:00 https://detection.fyi/tags/data-source-aws-service-quotas/ 2026-01-20T20:52:48+00:00 https://detection.fyi/tags/data-source-aws-ses/ 2026-01-20T20:52:48+00:00 https://detection.fyi/tags/data-source-aws-sign-in/ 2026-01-20T20:52:48+00:00 https://detection.fyi/tags/data-source-aws-sqs/ 2026-01-20T20:52:48+00:00 https://detection.fyi/tags/data-source-cloudformation/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_s3_excessive_object_encryption_with_sse_c/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/execution_new_terms_cloudformation_createstack/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_s3_unusual_object_encryption_with_sse_c/ 2026-01-20T20:52:48+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_web_shell_aspx_write/ 2026-01-20T18:30:57+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_web_config_file_access/ 2026-01-20T18:30:57+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_disable_apparmor_attempt/ 2026-01-19T12:19:24+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_breely_payment_redirect/ 2026-01-16T19:14:26+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_xodo/ 2026-01-16T15:16:29+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_getaccept/ 2026-01-16T14:46:38+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_employee_subject/ 2026-01-16T13:51:24+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_privileged_localgroup_membership/ 2026-01-16T12:46:45+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_execution_msbuild_started_unusal_process/ 2026-01-16T12:46:45+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_execution_msbuild_started_by_script/ 2026-01-16T12:46:45+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_suspicious_powershell_imgload/ 2026-01-16T12:46:45+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_signal_unusual_discovery_signal_proc_cmdline/ 2026-01-16T12:46:45+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_signal_unusual_discovery_signal_proc_executable/ 2026-01-16T12:46:45+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_scheduled_task_updated/ 2026-01-16T12:46:45+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_quickbooks/ 2026-01-15T15:59:36+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_free_giveaways/ 2026-01-14T15:20:12+00:00 https://detection.fyi/sublime-security/sublime-rules/subject_sus_bracket_ref/ 2026-01-12T23:34:32+00:00 https://detection.fyi/elastic/detection-rules/windows/collection_winrar_encryption/ 2026-01-12T22:51:08+00:00 https://detection.fyi/sublime-security/sublime-rules/vendor_impersonation_thread_hijack/ 2026-01-12T20:49:12+00:00 https://detection.fyi/tags/abusech-urlhaus/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_soliciting_enable_macros/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_vba_macro_auto_exec_unsolicited/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_vba_macro_auto_open_unsolicited/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_vba_macro_high_risk/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_vba_macro_calling_executable/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_vba_macro_employee_impersonation/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_suspicious_csproj/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_7z_archive_containing_rar_file/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_any_html_in_archive_unsolicited/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_disallowed_file_type_in_archive/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_archive_with_pdf_wsf_txt_attached.qakbot/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_ics_with_invisible_unicode_characters/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_callback_phish_with_img/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/cve_2021_40444_external_relationship/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_cve_2023_21716_rtf_fonts/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_docusign_impersonation_new_domain/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_svg_embedded_js/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_mht_embedded_vbscript/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_eml_b64_script/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_eml_html_attachment_portal/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_eml_encrypted_zip/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_eml_suspicious_indicators/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_encrypted_ole_unsolicited/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_xlxs_sus_templates/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_credential_phishing_secure_message/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_js_file_execution/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_filename_with_unicode_rtlo/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_attachment_login_page/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_all_script/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_excessive_padding/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_recipients_suspicious_js/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_qr_code/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_body_onload/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_suspicious_onload/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_microsoft_signin/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_atob/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_atob_ics/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_auto_file_download/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_javascript_base64/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_concatenation_obfuscation/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_decimal_encoding/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_eval_atob/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_eval_atob_calendar/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_line_break_obfuscation/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_rc4/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_rot13/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_settimeout/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_unescape/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_hidden_body/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_url_with_unc_path/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_lnk_file_with_embedded_content/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_macro_mht/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_shellbrowserwindow_com_object_in_macro/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_malicious_onenote_commands/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_office365_image/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_office_remote_doc_template/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_office_file_with_vsto/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_office_file_relationship_cred_theft/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_office_cred_phish_url/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_office_suspicious_functions/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_file_scheme_link_containing_ip_address/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_file_fraudulent_cryptocurrency_exchange/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_with_low_reputation_link_to_zip_file/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_with_low_reputation_link_to_suspicious_files/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_free_subdomain_cred_theft/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_link_to_dmg/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_with_link_to_zip_containing_wsf/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_credtheft_link_suspicious_file/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_potential_sandbox_evasion_in_office_file/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_powerpoint_hyperlinks/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_qr_link_b64_recipient/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_qr_code_suspicious_components/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_userinfo_qr/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_sfx_commands/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_small_txt_suspicious_link/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_uncommon_compressed/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_rar_cve-2025-8088/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/bec_fraud_generic_scam/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/body_job_scam_freemail_pivot/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/bec_urgent_suspicious_patterns/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_benefits_enrollment/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_adobe_image_lure_qr_code/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_adp/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_amazon_suspicious_text/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_barracuda/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_chase_credential_theft_indicators/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_doordash/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_evite/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_exodus/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_fastway/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_gemini/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_fake_sign_in_image_lure/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_google_via_msft_forms/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_hulu/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_irs/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_linkedin/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_mailgun/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_microsoft_image_lure_qr_code/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_microsoft_fake_sign_in_alert/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_microsoft_low_reputation/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_norton_lifelock/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_quickbooks_impersonation_intuit/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_sharefile/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_sharepoint_fake_file_share/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_siliconvalleybank/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_stripe/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_sublime_security/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_uk_home_office/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_uhc/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_venmo/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_wells_fargo/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/body_business_email_compromise_new_sender/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_adobesign/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_docusign_comment/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_generic_esignature/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_extensionless_rfc822_image/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_google_meet/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_intuit/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_signable/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_signfree/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_xodosign/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_yammer_comment/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_zelle/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_zoho/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_aol_senders/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_social_security_fraud/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/body_bec_covid_international_org_scam/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_docusign_embedded_image_lure/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_credential_phishing_intent_and_other_indicators/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_fake_password_expiration/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_fake_storage_alert/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_credential_phishing_image_as_content/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_one_drive_impersonation/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_esign_document_notification/ 2026-01-12T17:22:12+00:00 https://detection.fyi/tags/cryptocurrency/ 2026-01-12T17:22:12+00:00 https://detection.fyi/tags/cve-2021-40444/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/body_cve_2023_5631/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_suspicious_subject_with_cyrillic_substitutions/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/deceptive_dropbox_mention/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_emoji_cash_lures/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_recipient_domain_display_name/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_domain_replyto_freemail_lookalike_financial_request/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_employee_urgent_request/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_fake_email_quarantine_notification/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_fake_msg_thread_mismatched_from_freemail_replyto/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/fake_tax_prep_request/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/fake_scan_to_email/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/fake_thread_suspicious_indicators/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_zoho_sign_template_abuse/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/shipping_chinese_domain/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_login_or_captcha/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_amp_suspicious_indicators/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_notification_untrusted_sender/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_google_shortlinks_services/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_share_notificaiton_sus_comments/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_system_account_spoof/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/body_business_email_compromise_mismatched_sender/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/hr_impersonation_docusign_comment/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/body_html_smuggling_atob_in_body/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/image_as_content_open_redir/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_recipient_domain/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_fake_gmail_attachment/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_salesforce_fake_campaign_failure/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_sharepoint_reply_headers/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_social_security_admin/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/issuu_suspicious_embedded_link/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_download_suspicious_file/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_download_disk_image_in_encrypted_zip/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_html_smuggling_with_google_drive_branding/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_apps_script_macro/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_comment_script_macro/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_form_abuse_triple_asterisk/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_adobe_share_unsoliticed_sender/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_adobe_share_suspicious/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_appstore_malicious_app_freemail/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_fragment_contains_subject_blob_and_email/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_single_riddle/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/recipients_undisclosed_free_subdomain_host/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_firebase_new_domain_redirect/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_translate/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/intuit_url_not_from_intuit/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_invoice_fake_customer_service_freemail_sender/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_ipfs_phishing/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_jensi_unsolicited/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_microsoft_impersonation_using_hosted_png/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_rpmsg_self_addressed/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multiple_http_protocols_in_single_url/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multistage_adobe_acrobat_hosted_pdf/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multistage_microsoft_forms/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_scribd_document_cred_theft/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_recipient_domain_in_path/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_screenconnect/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_secure_sharepoint_file/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_self_sender_org_subject_cred_theft/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_obfuscation_split_anchor_scheme/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_autodownloaded_html_smuggling/ 2026-01-12T17:22:12+00:00 https://detection.fyi/tags/malfam-ave-maria/ 2026-01-12T17:22:12+00:00 https://detection.fyi/tags/malfam-emotet/ 2026-01-12T17:22:12+00:00 https://detection.fyi/tags/malfam-metastealer/ 2026-01-12T17:22:12+00:00 https://detection.fyi/tags/malfam-qakbot/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/mass_campaign_recipient_address_new_sender/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/header_onmicrosoft_traversal/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_microsoft_device_code_phish/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/ms_infrastructure_abuse/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_microsoft_go2_open_redirect_phish/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_agena-smile/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_website-5/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_spently/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_artkaderne/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_asemailmgmteu/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_astroarts/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_atdmt/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_avast/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_bestdealstoday/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_bmwusa/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_bubblelife/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_buildingengines/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_business_google/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_cartoonnetwork/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_clubos/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_convertcart/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_designsori/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_documentmailbox/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_eaoko/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_easycamp/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_emlakarsa/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_emp-eduyield/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_eodcnetworkdirect/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_csiro-au/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_exactag/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_fenc/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_g7fr/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_open_redirect_with_suspicious_indicators/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_web_light_open_redirect/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_ijf/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_indeed/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_indiatimes/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_isadatalab/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_labcluster/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_learningapps/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_listing-ca/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_magic4media/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_magiccity/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_magneticmarketing/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_spiceworks/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_mcgill/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_medium/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_meta_youtube/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_mindmixer/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_nested_doubleclick/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_obunsha/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_panera_bread/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_phoenixartstudio/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_pmifunds/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_premierbet/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_qrxtech/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_queue_swytchbike/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_radiopublic/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_retailrocket/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_ringaraja/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_sciencebuddies/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_secondstreet/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_shibboleth/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_shoppermeet/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_slack/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_smartadserver/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_smore/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_statslibpdxedu/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_storematch/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_ticketmaster/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_tiktok/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_tkqlhce/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_unitedwaynwvt/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_usthk/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_vconfex/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_vk/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_whitefox/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_xfinity/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_youtube_google/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_with_google_ae_redirect/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/html_prompt_injection/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/qr_code_suspicious_indicators/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_request_for_quote_html_smuggling/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/salesforce_infra_abuse/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/deceptive_pdf_attachment_mention/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_sendgrid_onmicrosoft/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_box_credential_phishing/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_docsend_new_domain/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_docusign_unsolicited_reply-to/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_dropbox_new_domain/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_dropbox_sus_names/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_fliphtml5/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_google_classroom/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_hellosign_sus_names/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_nifty.com_domain_abuse/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abused_payoneer_callback/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_quickbooks_new_domain/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_quickbooks_suspicious_comments/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_sendgrid_new_cred_theft/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_sendgrid_impersonation/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_surveymonkey_new_domain/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/unrelated_sharepoint_link/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/sharepoint_opt_filename_org/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_campaign_excessive_display_text_with_keywords/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_campaign_excessive_space_obfuscation_free_file_hosting/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_onmicrosoft/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_single_recipient_duplicated_in_cc/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_url_shortener_emojis/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_spf_temp_error/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/stripe_invoice_abuse/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_matching_subject_sender_display_name/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/lookalike_domain_with_suspicious_language/ 2026-01-12T17:22:12+00:00 https://detection.fyi/tags/suspicious-attachment/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_suspicious_message_unscannable_cloudflare/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/cred_theft_suspicious_invoice_w_missing_or_image_only_attachments/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_suspicious_lookerstudio_new_unsolicited_sender/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_cloudflare_service_abuse/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_replyto_new_domain_nlu_request/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_recipient_low_rep_link/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/recipients_undisclosed_nlu_cred_theft_low_rep_links/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/recipients_undisclosed_compauth_check/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_subject_procedurally_generated_blob/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_suspicious_vba_macro_first_time_sender/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/uri_handler_search_ms/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/body_unicode_slashes_in_url/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/urlhaus_malicious_dom_in_body_or_pdf/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/vip_impersonation_fake_thread/ 2026-01-12T17:22:12+00:00 https://detection.fyi/sublime-security/sublime-rules/zoom_events_abuse/ 2026-01-12T17:22:12+00:00 https://detection.fyi/tags/mitre-atlas-t0040/ 2026-01-12T17:05:15+00:00 https://detection.fyi/tags/mitre-atlas-t0044/ 2026-01-12T17:05:15+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/initial_access_ollama_api_external_access/ 2026-01-12T17:05:15+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_wix_mass_mailer/ 2026-01-12T16:46:58+00:00 https://detection.fyi/tags/data-source-entra-id-sign-in-logs/ 2026-01-12T15:37:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_entra_id_excessive_account_lockouts/ 2026-01-12T15:37:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/exfiltration_high_number_of_cloning_by_user/ 2026-01-12T15:37:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/impact_high_number_of_closed_pull_requests_by_user/ 2026-01-12T15:37:07+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_user_or_group_deletion/ 2026-01-12T15:37:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/persistence_new_pat_created/ 2026-01-12T15:37:07+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_potential_password_spraying_attack/ 2026-01-12T15:37:07+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_processes_with_trailing_spaces/ 2026-01-12T15:37:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/impact_high_number_of_failed_protected_branch_force_pushes_by_user/ 2026-01-12T15:37:07+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/privilege_escalation_trap_execution/ 2026-01-12T15:37:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp/ 2026-01-12T14:40:09+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_user_signed_in_from_unusual_device/ 2026-01-12T13:45:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_entra_id_susp_oauth2_authorization/ 2026-01-12T13:45:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/initial_access_identity_oauth_phishing_via_first_party_microsoft_application/ 2026-01-12T13:45:50+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_sharepoint_body_credential_theft/ 2026-01-10T00:12:09+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_protection_sign_in_risk_detected/ 2026-01-09T16:27:52+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_protection_user_risk_detected/ 2026-01-09T16:27:52+00:00 https://detection.fyi/tags/use-case-risk-detection/ 2026-01-09T16:27:52+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_suspicious_user_mandatory_profile_file/ 2026-01-09T09:35:47+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_via_token_theft/ 2026-01-09T09:23:37+00:00 https://detection.fyi/elastic/detection-rules/network/initial_access_smb_windows_file_sharing_activity_to_the_internet/ 2026-01-08T21:52:09+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_sendgrid_free_email_provider/ 2026-01-08T21:18:38+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_skia_headless/ 2026-01-08T17:40:40+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_adobe_sign/ 2026-01-08T17:07:47+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/impact_github_repository_activity_from_unusual_ip/ 2026-01-08T16:19:12+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_aws_creds_search_inside_container/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_gh_auth_via_nodejs/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_kubernetes_service_account_secret_access/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_gdb_init_process_hooking/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_manual_memory_dumping/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_potential_linux_ssh_bruteforce_external/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_potential_linux_ssh_bruteforce_internal/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_proc_credential_dumping/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_credential_dumping/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_potential_linux_local_account_bruteforce/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_ssh_backdoor_log/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_potential_successful_linux_ssh_bruteforce/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_collection_sensitive_files_compression_inside_container/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_sensitive_keys_or_passwords_search_inside_container/ 2026-01-08T12:32:43+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_abnormal_process_id_file_created/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_process_started_in_shared_memory_directory/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_tc_bpf_filter/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_container_management_binary_launched_inside_container/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_egress_connection_from_entrypoint_in_container/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_cupsd_foomatic_rip_file_creation/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_file_execution_followed_by_deletion/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_unusual_interactive_process_inside_container/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_perl_tty_shell/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_python_tty_shell/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_nc_listener_via_rlwrap/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_netcon_from_rwx_mem_region_binary/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_network_event_post_compilation/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_shell_openssl_client_or_server/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_remote_code_execution_via_postgresql/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_shell_via_meterpreter_linux/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_shell_via_tcp_cli_utility_linux/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_shell_via_background_process/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_shell_via_child_tcp_utility_linux/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_shell_via_java_revshell_linux/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_shell_via_suspicious_binary/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_shell_via_lolbin_interpreter_linux/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_shell_via_udp_cli_utility_linux/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_interpreter_tty_upgrade/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_cupsd_foomatic_rip_lp_user_execution/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_potentially_overly_permissive_container_creation/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_process_backgrounded_by_unusual_parent/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_sus_extraction_or_decrompression_via_funzip/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_file_made_executable_via_chmod_inside_container/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_suspicious_mining_process_creation_events/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_unusual_path_invocation_from_command_line/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_suspicious_executable_running_system_commands/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_system_binary_file_permission_change/ 2026-01-08T10:10:46+00:00 https://detection.fyi/tags/threat-bpfdoor/ 2026-01-08T10:10:46+00:00 https://detection.fyi/tags/threat-triplecross/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_unix_socket_communication/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_unknown_rwx_mem_region_binary_executed/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_unusual_pkexec_execution/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_python_webserver_spawned/ 2026-01-08T10:10:46+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_esxi_software_via_find/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_esxi_software_via_grep/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_kernel_seeking/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_kernel_unpacking/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_manual_mount_discovery_via_exports_or_fstab/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_pam_version_discovery/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_polkit_version_discovery/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_ping_sweep_detected/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_private_key_password_searching_activity/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_process_capabilities/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_suid_sguid_enumeration/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_proc_maps_read/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_dynamic_linker_via_od/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_suspicious_memory_grep_activity/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_suspicious_network_tool_launched_inside_container/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_kernel_module_enumeration/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_unusual_user_enumeration_via_id/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_virtual_machine_fingerprinting/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_yum_dnf_plugin_detection/ 2026-01-08T09:45:32+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_acl_modification_via_setfacl/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_clear_kernel_ring_buffer/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_attempt_to_disable_auditd_service/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_attempt_to_disable_iptables_or_firewall/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_attempt_to_disable_syslog_service/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_base16_or_base32_encoding_or_decoding_activity/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_directory_creation_in_bin/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_dynamic_linker_file_creation/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_file_deletion_via_shred/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_chattr_immutable_file/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_file_mod_writable_dir/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_creation_of_hidden_files_directories/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_doas_configuration_creation_or_rename/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_disable_selinux_attempt/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_hex_payload_execution_via_commandline/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_hex_payload_execution_via_utility/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_authorized_keys_file_deletion/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_binary_copied_to_suspicious_directory/ 2026-01-08T09:11:05+00:00 https://detection.fyi/elastic/detection-rules/linux/lateral_movement_telnet_network_activity_external/ 2026-01-08T09:01:11+00:00 https://detection.fyi/elastic/detection-rules/linux/lateral_movement_telnet_network_activity_internal/ 2026-01-08T09:01:11+00:00 https://detection.fyi/elastic/detection-rules/linux/impact_memory_swap_modification/ 2026-01-08T09:01:11+00:00 https://detection.fyi/elastic/detection-rules/linux/exfiltration_potential_data_splitting_for_exfiltration/ 2026-01-08T09:01:11+00:00 https://detection.fyi/elastic/detection-rules/linux/impact_potential_linux_ransomware_note_detected/ 2026-01-08T09:01:11+00:00 https://detection.fyi/elastic/detection-rules/linux/lateral_movement_ssh_it_worm_download/ 2026-01-08T09:01:11+00:00 https://detection.fyi/elastic/detection-rules/linux/initial_access_successful_ssh_authentication_by_unusual_ip/ 2026-01-08T09:01:11+00:00 https://detection.fyi/elastic/detection-rules/linux/initial_access_first_time_public_key_authentication/ 2026-01-08T09:01:11+00:00 https://detection.fyi/elastic/detection-rules/linux/initial_access_successful_ssh_authentication_by_unusual_user/ 2026-01-08T09:01:11+00:00 https://detection.fyi/elastic/detection-rules/linux/impact_data_encrypted_via_openssl/ 2026-01-08T09:01:11+00:00 https://detection.fyi/elastic/detection-rules/linux/impact_esxi_process_kill/ 2026-01-08T09:01:11+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_unusual_pam_grantor/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_unpack_initramfs_via_unmkinitramfs/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_user_credential_modification_via_echo/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_xdg_autostart_netcon/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_suspicious_ssh_execution_xzbackdoor/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_systemd_generator_creation/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_systemd_service_creation/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_systemd_service_started/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_systemd_shell_execution/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_systemd_scheduled_timer_created/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_tainted_kernel_module_load/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_tainted_kernel_module_out_of_tree_load/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_web_server_sus_destination_port/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_unusual_exim4_child_process/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_unusual_sshd_child_process/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_web_server_unusual_command_execution/ 2026-01-08T08:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_user_or_group_creation_or_modification/ 2026-01-08T08:32:57+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_godaddy_infra/ 2026-01-07T23:03:13+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_persistence_phantom_dll/ 2026-01-07T21:03:44+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_masquerading_space_after_filename/ 2026-01-07T15:40:37+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/persistence_ssh_authorized_keys_modification/ 2026-01-07T15:40:37+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/privilege_escalation_sudoers_file_mod/ 2026-01-07T15:40:37+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/privilege_escalation_setuid_setgid_bit_set_via_chmod/ 2026-01-07T15:40:37+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_deletion_of_bash_command_line_history/ 2026-01-07T15:40:37+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_timestomp_touch/ 2026-01-07T15:40:37+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_docker_release_file_creation/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_load_and_unload_of_kernel_via_kexec/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_mount_launched_inside_container/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_unshare_namespace_manipulation/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_cve_2025_32463_nsswitch_file_creation/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_cve_2025_41244_vmtoolsd_lpe/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_docker_escape_via_nsenter/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_container_util_misconfiguration/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_dac_permissions/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_suspicious_cap_setuid_python_execution/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_uid_change_post_compilation/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_potential_suid_sgid_proxy_execution/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_shadow_file_read/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_potential_wildcard_shell_spawn/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_sudo_hijacking/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_sudo_cve_2019_14287/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_chown_chmod_unauthorized_file_read/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_suspicious_uid_guid_elevation/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_potential_suid_sgid_exploitation/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_uid_elevation_from_unknown_executable/ 2026-01-07T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_apt_package_manager_file_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_at_job_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_boot_file_copy/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_chkconfig_service_add/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_cron_job_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_dbus_service_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_dnf_package_manager_plugin_file_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_dpkg_package_installation_from_unusual_parent/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_dracut_module_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_potential_persistence_script_executable_bit_set/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_git_hook_process_execution/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_git_hook_execution/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_git_hook_file_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_git_hook_netcon/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_grub_configuration_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_grub_makeconfig/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_extract_initramfs_via_cpio/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_kde_autostart_modification/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_kernel_driver_load_by_non_root/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_kernel_object_file_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_linux_group_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_linux_user_account_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_linux_user_added_to_privileged_group/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_lkm_configuration_file_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_manual_dracut_execution/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_message_of_the_day_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_ssh_netcon/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_openssl_passwd_hash_generation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_pluggable_authentication_module_creation_in_unusual_dir/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_pluggable_authentication_module_source_download/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_pluggable_authentication_module_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_polkit_policy_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_pluggable_authentication_module_pam_exec_backdoor_exec/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_rc_local_service_already_running/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_linux_backdoor_user_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_process_capability_set_via_setcap/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_message_of_the_day_execution/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_rc_script_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_credential_access_modify_ssh_binaries/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_rpm_package_installation_from_unusual_parent/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_setuid_setgid_capability_set/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_shadow_file_modification/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_shared_object_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_shell_configuration_modification/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_simple_web_server_connection_accepted/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_simple_web_server_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_apt_package_manager_execution/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_apt_package_manager_netcon/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_linux_shell_activity_via_web_server/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_kworker_file_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_rc_local_error_via_syslog/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_bpf_probe_write_user/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_init_d_file_creation/ 2026-01-07T15:18:38+00:00 https://detection.fyi/tags/threat-lightning-framework/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_dbus_unsual_daemon_parent_execution/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_dpkg_unusual_execution/ 2026-01-07T15:18:38+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_journalctl_clear_logs/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_hidden_file_dir_tmp/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_hidden_shared_object/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_ld_so_creation/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_kthreadd_masquerading/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_var_log_file_creation_by_unsual_process/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_hidden_directory_creation/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_kernel_module_removal/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_kill_command_executed/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_multi_base64_decoding_attempt/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_potential_proot_exploits/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_mount_execution/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_prctl_process_name_tampering/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_sus_utility_executed_via_tmux_or_screen/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_root_certificate_installation/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_selinux_configuration_creation_or_renaming/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_ssl_certificate_deletion/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_sysctl_kernel_feature_activity/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_suspicious_path_mounted/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_rename_esxi_files/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_log_files_deleted/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_interactive_shell_from_system_user/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_unsual_kill_signal/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_ld_preload_cmdline/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_unusual_preload_env_vars/ 2026-01-07T14:55:06+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_ip_forwarding_activity/ 2026-01-06T16:00:55+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_telegram_api_request/ 2026-01-06T16:00:55+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_linux_chisel_client_activity/ 2026-01-06T16:00:55+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_tunneling_via_earthworm/ 2026-01-06T16:00:55+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_linux_proxychains_activity/ 2026-01-06T16:00:55+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_linux_suspicious_proxychains_activity/ 2026-01-06T16:00:55+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_aws_cli_endpoint_url_used/ 2026-01-06T15:18:04+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_curl_socks_proxy_detected/ 2026-01-06T15:18:04+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_git_repo_or_file_download_to_sus_dir/ 2026-01-06T15:18:04+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_cat_network_activity/ 2026-01-06T15:18:04+00:00 https://detection.fyi/sublime-security/sublime-rules/link_gophish_rid/ 2026-01-05T20:18:35+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_adobe_image_lure/ 2026-01-05T19:16:46+00:00 https://detection.fyi/tags/attack.t1553.004/ 2026-01-05T07:16:17+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_local_account/ 2026-01-05T07:16:17+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_install_suspicious_packages/ 2026-01-05T07:16:17+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_webshell_detection/ 2026-01-02T15:45:50+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_edr_elastic_same_process_tree/ 2026-01-02T15:13:25+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/initial_access_execution_susp_react_serv_child/ 2026-01-01T18:27:33+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_sus_employee_doc/ 2025-12-26T16:11:49+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_curl_custom_user_agent/ 2025-12-25T15:05:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_curl_download_direct_ip_exec/ 2025-12-25T15:05:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_curl_insecure_proxy_or_doh/ 2025-12-25T15:05:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_curl_insecure_connection/ 2025-12-25T15:05:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_curl_local_file_read/ 2025-12-25T15:05:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_curl_cookie_hijacking/ 2025-12-25T15:05:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_curl_download_susp_file_sharing_domains/ 2025-12-25T15:05:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_curl_download_direct_ip_susp_extensions/ 2025-12-25T15:05:48+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/application_error/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/applocker/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/applocker/win_applocker_application_was_prevented_from_running/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appmodel_runtime/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxdeployment_server/win_appxdeployment_server_appx_package_in_staging_directory/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxdeployment_server/win_appxdeployment_server_uncommon_package_locations/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxdeployment_server/win_appxdeployment_server_appx_package_deployment_failed_signing_requirements/ 2025-12-24T16:50:21+00:00 https://detection.fyi/tags/attack.t1059.006/ 2025-12-24T16:50:21+00:00 https://detection.fyi/tags/attack.t1211/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxdeployment_server/win_appxdeployment_server_applocker_block/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxdeployment_server/win_appxdeployment_server_policy_block/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/application_error/win_application_error_lsass_crash/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/application_error/win_application_error_msmpeng_crash/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxdeployment_server/win_appxdeployment_server_mal_appx_names/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxdeployment_server/win_appxdeployment_server_appx_downloaded_from_file_sharing_domains/ 2025-12-24T16:50:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appmodel_runtime/win_appmodel_runtime_sysinternals_tools_appx_execution/ 2025-12-24T16:50:21+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_rt_to_prt_transition_from_user_device/ 2025-12-21T21:30:32+00:00 https://detection.fyi/tags/attack.t1127/ 2025-12-21T17:07:30+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_arcsoc_susp_child_process/ 2025-12-21T17:07:30+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_arcsoc_susp_file_created/ 2025-12-21T17:07:30+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_formester_suspicious_link/ 2025-12-19T18:11:08+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_wkhtmltopdf_default/ 2025-12-19T16:47:11+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_google_drive_file_share/ 2025-12-19T16:09:02+00:00 https://detection.fyi/tags/data-source-cisco-ftd/ 2025-12-19T12:22:44+00:00 https://detection.fyi/tags/domain-application/ 2025-12-19T12:22:44+00:00 https://detection.fyi/elastic/detection-rules/network/initial_access_react_server_rce_network_alerts/ 2025-12-19T12:22:44+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_rare_app_id_for_principal_auth/ 2025-12-19T01:04:11+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_oauth_user_impersonation_scope/ 2025-12-19T00:55:02+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/initial_access_kali_user_agent_detected_with_aws_cli/ 2025-12-18T21:13:34+00:00 https://detection.fyi/tags/use-case-cloud-threat-detection/ 2025-12-18T21:13:34+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/discovery_ec2_userdata_request_for_ec2_instance/ 2025-12-18T16:47:59+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/privilege_escalation_role_assumption_by_service/ 2025-12-18T16:47:59+00:00 https://detection.fyi/tags/data-source-amazon-ec2/ 2025-12-18T16:47:59+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/persistence_shell_profile_modification/ 2025-12-18T15:30:12+00:00 https://detection.fyi/elastic/detection-rules/integrations/problemchild/defense_evasion_ml_suspicious_windows_event_low_probability/ 2025-12-18T15:30:12+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/initial_access_github_actions_bot_first_push_to_repo/ 2025-12-18T14:58:57+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_masquerading_business_apps_installer/ 2025-12-18T10:38:18+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_masquerading_communication_apps/ 2025-12-18T10:38:18+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_communication_apps_suspicious_child_process/ 2025-12-18T10:38:18+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_docx_hyperlink_targeting_recipient/ 2025-12-17T20:30:08+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/initial_access_github_actions_workflow_injection_blocked/ 2025-12-17T19:29:33+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_google_app_integration/ 2025-12-17T18:45:37+00:00 https://detection.fyi/sublime-security/sublime-rules/xero_invoice_abuse/ 2025-12-17T16:55:14+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_state_farm/ 2025-12-17T16:29:20+00:00 https://detection.fyi/sublime-security/sublime-rules/link_content_credential_phishing/ 2025-12-17T13:14:59+00:00 https://detection.fyi/tags/data-source-check-point-harmony-email-collaboration/ 2025-12-15T15:33:10+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_email_elastic_defend_correlation/ 2025-12-15T15:33:10+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_potential_tunneling_command_line/ 2025-12-15T09:44:08+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_security_file_access_via_common_utility/ 2025-12-15T09:25:36+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_wise/ 2025-12-12T22:07:19+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_credential_access_kerberos_correlation/ 2025-12-12T18:14:26+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_agent_spoofing_multiple_hosts/ 2025-12-12T17:47:11+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_suspicious_short_program_name/ 2025-12-12T17:25:00+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_msteams_invite/ 2025-12-12T15:04:09+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_indirect_exec_forfiles/ 2025-12-12T14:28:12+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_shell_evasion_linux_binary/ 2025-12-12T14:28:12+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_dollar_account_relay/ 2025-12-12T14:28:12+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_remote_file_copy_hidden_share/ 2025-12-12T14:28:12+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_suspicious_scheduled_task_runtime/ 2025-12-12T14:28:12+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_service_windows_service_winlog/ 2025-12-12T14:28:12+00:00 https://detection.fyi/tags/attack.s0139/ 2025-12-12T02:19:27+00:00 https://detection.fyi/tags/attack.t1027/ 2025-12-12T02:19:27+00:00 https://detection.fyi/tags/attack.t1564.004/ 2025-12-12T02:19:27+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/bits_client/win_bits_client_new_transfer_via_file_sharing_domains/ 2025-12-12T02:19:27+00:00 https://detection.fyi/sigmahq/sigma/windows/create_stream_hash/ 2025-12-12T02:19:27+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_susp_file_sharing_domains_susp_folders/ 2025-12-12T02:19:27+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_susp_initiated_uncommon_or_suspicious_locations/ 2025-12-12T02:19:27+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/ 2025-12-12T02:19:27+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_download_susp_file_sharing_domains/ 2025-12-12T02:19:27+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wget_download_susp_file_sharing_domains/ 2025-12-12T02:19:27+00:00 https://detection.fyi/sigmahq/sigma/windows/create_stream_hash/create_stream_hash_file_sharing_domains_download_susp_extension/ 2025-12-12T02:19:27+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_download_file_sharing_domains/ 2025-12-12T02:19:27+00:00 https://detection.fyi/sigmahq/sigma/windows/create_stream_hash/create_stream_hash_file_sharing_domains_download_unusual_extension/ 2025-12-12T02:19:27+00:00 https://detection.fyi/sublime-security/sublime-rules/scam_piano/ 2025-12-11T19:07:53+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_presentation_open_redirect/ 2025-12-11T15:54:47+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_comp_review/ 2025-12-10T19:51:18+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_automation_account_created/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/execution_automation_runbook_created_or_modified/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/defense_evasion_automation_runbook_deleted/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_automation_webhook_created/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/discovery_storage_blob_container_access_modification/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/defense_evasion_storage_blob_permissions_modified/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/execution_compute_vm_command_executed/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/defense_evasion_security_alert_suppression_rule_created/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/defense_evasion_insights_diagnostic_settings_deletion/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_event_hub_created_or_updated/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/defense_evasion_event_hub_deletion/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_key_vault_excessive_retrieval/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/impact_key_vault_modified_by_unusual_user/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_key_vault_retrieval_from_rare_identity/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/defense_evasion_kubernetes_events_deleted/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/impact_kubernetes_pod_deleted/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/privilege_escalation_kubernetes_aks_rolebinding_created/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/impact_resources_resource_group_deletion/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/defense_evasion_network_frontdoor_firewall_policy_deletion/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/defense_evasion_network_firewall_policy_deletion/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_network_full_network_packet_capture_detected/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/defense_evasion_network_watcher_deletion/ 2025-12-10T17:59:50+00:00 https://detection.fyi/tags/data-source-azure-key-vault/ 2025-12-10T17:59:50+00:00 https://detection.fyi/tags/data-source-azure-platform-logs/ 2025-12-10T17:59:50+00:00 https://detection.fyi/tags/data-source-graph-api/ 2025-12-10T17:59:50+00:00 https://detection.fyi/tags/data-source-graph-api-activity-logs/ 2025-12-10T17:59:50+00:00 https://detection.fyi/tags/data-source-microsoft-entra-id-protection-logs/ 2025-12-10T17:59:50+00:00 https://detection.fyi/tags/data-source-microsoft-exchange/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_suspicious_adrs_token_request/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_application_credential_modification/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_entra_id_suspicious_signin/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_conditional_access_policy_modified/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/privilege_escalation_entra_id_elevate_to_user_administrator_access/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_graph_eam_addition_or_modification/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_external_guest_user_invite/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_global_administrator_role_assigned/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_pim_user_added_global_admin/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_high_risk_signin/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_risky_user_or_compromised_sign_in/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_illicit_consent_grant_via_registered_application/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_entra_id_totp_brute_force_attempts/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_device_code_auth_with_broker_client/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_suspicious_oauth_flow_via_auth_broker_to_drs/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_unusual_ropc_login_attempt/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_powershell_signin/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_privileged_identity_management_role_modified/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_protection_alerts_for_user/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_identity_protect_alert_followed_by_device_reg/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_service_principal_created/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_service_principal_credentials_added/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/discovery_bloodhound_user_agents_detected/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_entra_id_signin_brute_force_microsoft_365/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/discovery_entra_id_teamfiltration_user_agents_detected/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_user_added_as_owner_for_azure_application/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_user_added_as_owner_for_azure_service_principal/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_user_reported_risk/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_entra_id_brute_force_activity/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_rare_authentication_requirement_for_principal_user/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_exchange_anti_phish_policy_deletion/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_exchange_anti_phish_rule_modification/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_exchange_dkim_signing_config_disabled/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_exchange_safe_attach_rule_disabled/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_exchange_exchange_safelinks_disabled/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/privilege_escalation_exchange_new_or_modified_federation_domain/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/exfiltration_exchange_transport_rule_creation/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/exfiltration_exchange_transport_rule_modification/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/collection_exchange_mailbox_access_by_unusual_client_app_id/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_exchange_mailbox_audit_bypass_association/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/persistence_exchange_suspicious_mailbox_permission_delegation/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/collection_exchange_excessive_mail_items_accessed/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_exchange_malware_filter_policy_deletion/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_exchange_malware_filter_rule_mod/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/persistence_exchange_management_role_assignment/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/persistence_entra_id_global_administrator_role_assign/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/credential_access_entra_id_device_reg_via_oauth_redirection/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/initial_access_identity_illicit_consent_grant_via_registered_application/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/credential_access_identity_user_account_lockouts/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/credential_access_entra_id_potential_user_account_brute_force/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/initial_access_azure_o365_with_network_alert/ 2025-12-10T17:59:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/defense_evasion_teams_custom_app_interaction_allowed/ 2025-12-10T17:59:50+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_docusign_html_table_forgery/ 2025-12-10T16:44:41+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_microsoft_via_html_table_quarantine/ 2025-12-10T16:44:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_outlook_left_to_right_exploit/ 2025-12-10T16:44:41+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/initial_access_github_register_self_hosted_runner/ 2025-12-10T15:55:47+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_edr_freeze/ 2025-12-10T14:29:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_werfaultsecure_abuse/ 2025-12-10T14:29:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/ 2025-12-10T14:29:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_werfaultsecure_msmpeng_access/ 2025-12-10T14:29:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_susp_dbgcore_dbghelp_load/ 2025-12-10T14:29:38+00:00 https://detection.fyi/tags/attack.t1069/ 2025-12-10T14:15:19+00:00 https://detection.fyi/tags/attack.t1087/ 2025-12-10T14:15:19+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_malicious_commandlets/ 2025-12-10T14:15:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_malicious_cmdlets/ 2025-12-10T14:15:19+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_malicious_commandlets/ 2025-12-10T14:15:19+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_powershell_exploit_scripts/ 2025-12-10T14:15:19+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_exploit_scripts/ 2025-12-10T14:15:19+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/ 2025-12-10T14:15:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-55182/ 2025-12-10T02:13:14+00:00 https://detection.fyi/tags/cve.2025-55182/ 2025-12-10T02:13:14+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-55182/proc_creation_lnx_exploit_cve_2025_55182_susp_nodejs_server_child_process/ 2025-12-10T02:13:14+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-55182/proc_creation_win_exploit_cve_2025_55182_susp_nodejs_server_child_process/ 2025-12-10T02:13:14+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/impact_s3_static_site_js_file_uploaded/ 2025-12-10T01:05:20+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_whitespace_padding_command_line/ 2025-12-10T01:05:20+00:00 https://detection.fyi/tags/data-source-entra-audit-logs/ 2025-12-10T01:05:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_actor_token_user_impersonation_abuse/ 2025-12-10T01:05:20+00:00 https://detection.fyi/tags/use-case-web-application-compromise/ 2025-12-10T01:05:20+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_masquerading_as_svchost/ 2025-12-09T21:56:38+00:00 https://detection.fyi/tags/attack.t1566/ 2025-12-09T09:17:50+00:00 https://detection.fyi/tags/attack.t1566.002/ 2025-12-09T09:17:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/ 2025-12-09T09:17:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/ 2025-12-09T09:17:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/ 2025-12-09T09:17:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_ssm_malicious_usage/ 2025-12-09T09:17:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_eventlog_content_recon/ 2025-12-09T03:03:59+00:00 https://detection.fyi/tags/attack.impact/ 2025-12-09T02:44:51+00:00 https://detection.fyi/tags/attack.t1006/ 2025-12-09T02:44:51+00:00 https://detection.fyi/tags/attack.t1070.006/ 2025-12-09T02:44:51+00:00 https://detection.fyi/tags/attack.t1490/ 2025-12-09T02:44:51+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_werfault_dll_hijacking/ 2025-12-09T02:44:51+00:00 https://detection.fyi/sigmahq/sigma/windows/raw_access_thread/raw_access_thread_susp_disk_access_using_uncommon_tools/ 2025-12-09T02:44:51+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_from_non_system_location/ 2025-12-09T02:44:51+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_vsstrace_susp_load/ 2025-12-09T02:44:51+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_wdac_policy_creation/ 2025-12-09T02:44:51+00:00 https://detection.fyi/sigmahq/sigma/windows/raw_access_thread/ 2025-12-09T02:44:51+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/ 2025-12-09T02:44:51+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_startup_folder_file_write/ 2025-12-09T02:44:51+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_time_modification/ 2025-12-09T02:44:51+00:00 https://detection.fyi/tags/attack.t1055/ 2025-12-09T02:36:14+00:00 https://detection.fyi/tags/attack.t1486/ 2025-12-09T02:36:14+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/ 2025-12-09T02:36:14+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_rstrtmgr_uncommon_load/ 2025-12-09T02:36:14+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/create_remote_thread_win_susp_relevant_source_image/ 2025-12-09T02:36:14+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_wow6432node/ 2025-12-09T02:36:14+00:00 https://detection.fyi/tags/attack.t1056.002/ 2025-12-09T02:30:03+00:00 https://detection.fyi/tags/attack.t1547.009/ 2025-12-09T02:30:03+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_credui_uncommon_process_load/ 2025-12-09T02:30:03+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_desktop_ini_created_by_uncommon_process/ 2025-12-09T02:30:03+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_office_processes/ 2025-12-09T02:30:03+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_gui_input_capture/ 2025-12-09T02:18:04+00:00 https://detection.fyi/sigmahq/sigma/macos/ 2025-12-09T02:18:04+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/ 2025-12-09T02:18:04+00:00 https://detection.fyi/tags/data-source-network-traffic/ 2025-12-08T16:37:46+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/initial_access_file_upload_followed_by_get_request/ 2025-12-08T16:37:46+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_suspicious_pod_or_container_creation_command_execution/ 2025-12-08T16:37:46+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/ml_azure_rare_event_failures/ 2025-12-08T16:37:46+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/ml_azure_event_failures/ 2025-12-08T16:37:46+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/ml_azure_rare_method_by_user/ 2025-12-08T16:37:46+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/ml_azure_rare_method_by_city/ 2025-12-08T16:37:46+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/ml_azure_rare_method_by_country/ 2025-12-08T16:37:46+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/lnx_auditd_disable_aslr_protection/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.exfiltration/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.resource-development/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1027.001/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1027.003/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1030/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1033/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1040/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1048.003/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1055.009/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1057/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1068/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1070.002/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1082/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1106/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1113/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1115/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1123/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1136.001/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1222.002/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1485/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1489/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1499/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1505.003/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1529/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1543.002/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1546.004/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1547.006/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1552.003/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1560.001/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1562.004/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1564.001/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1574.006/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1584/ 2025-12-08T15:03:55+00:00 https://detection.fyi/tags/attack.t1587/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/lnx_auditd_audio_capture/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/path/lnx_auditd_auditing_config_change/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_binary_padding/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/path/lnx_auditd_bpfdoor_file_accessed/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_bpfdoor_port_redirect/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/syscall/lnx_auditd_clean_disable_dmesg_logs_via_syslog/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_clipboard_image_collection/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_clipboard_collection/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/syscall/lnx_auditd_create_account/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_find_cred_in_files/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_data_compressed/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_data_exfil_wget/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/service_stop/lnx_auditd_disable_system_firewall/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_file_or_folder_permissions/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_change_file_time_attr/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_hidden_files_directories/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_capabilities_discovery/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/syscall/lnx_auditd_network_service_scanning/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/syscall/lnx_auditd_load_module_insmod/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/path/lnx_auditd_logging_config_change/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_masquerading_crond/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/path/lnx_auditd_ld_so_preload_mod/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_modify_system_firewall/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_network_sniffing/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_dd_delete_file/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/path/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_coinminer/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/path/lnx_auditd_magic_system_request_key/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/syscall/lnx_auditd_susp_exe_folders/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_chattr_immutable_removal/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_screencapture_import/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_screencaputre_xwd/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_susp_service_reload_or_restart/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/service_stop/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/syscall/lnx_auditd_susp_special_file_creation_via_mknod_syscall/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/syscall/lnx_auditd_split_file_into_pieces/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_steghide_extract_steganography/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_steghide_embed_steganography/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_hidden_zip_files_steganography/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_unzip_hidden_zip_files_steganography/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_susp_cmds/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_susp_histfile_operations/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/syscall/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/path/lnx_auditd_system_info_discovery2/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/syscall/lnx_auditd_susp_discovery_sysinfo_syscall/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_user_discovery/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/execve/lnx_auditd_system_shutdown_reboot/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/path/lnx_auditd_systemd_service_creation/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/path/lnx_auditd_unix_shell_configuration_modification/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/path/lnx_auditd_hidden_binary_execution/ 2025-12-08T15:03:55+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/syscall/lnx_auditd_web_rce/ 2025-12-08T15:03:55+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_scheduled_task_target/ 2025-12-08T13:10:20+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_request_financial/ 2025-12-06T07:35:26+00:00 https://detection.fyi/tags/data-source-network-packet-capture/ 2025-12-05T23:37:54+00:00 https://detection.fyi/elastic/detection-rules/network/initial_access_react_server_components_rce_attempt/ 2025-12-05T23:37:54+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_aws_ec2_lolbin_via_ssm/ 2025-12-05T21:14:33+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_genai_process_compiling_executables/ 2025-12-05T18:26:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/command_and_control_genai_process_suspicious_tld_connection/ 2025-12-05T18:26:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_genai_process_encoding_prior_to_network_activity/ 2025-12-05T18:26:56+00:00 https://detection.fyi/tags/mitre-atlas-t0053/ 2025-12-05T18:26:56+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/reconnaissance_web_server_unusual_spike_in_error_logs/ 2025-12-05T15:42:52+00:00 https://detection.fyi/tags/data-source-file-integrity-monitoring/ 2025-12-05T09:32:58+00:00 https://detection.fyi/elastic/detection-rules/integrations/fim/ 2025-12-05T09:32:58+00:00 https://detection.fyi/elastic/detection-rules/integrations/fim/persistence_suspicious_file_modifications/ 2025-12-05T09:32:58+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_onenote_form_submission/ 2025-12-04T16:24:53+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_nodejs_pre_or_post_install_script_execution/ 2025-12-04T14:07:12+00:00 https://detection.fyi/tags/attack.t1071/ 2025-12-03T23:55:53+00:00 https://detection.fyi/tags/attack.t1102.002/ 2025-12-03T23:55:53+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_github_self_hosted_runner/ 2025-12-03T23:55:53+00:00 https://detection.fyi/sublime-security/sublime-rules/link_hr_impersonation_with_suspect_domain_and_cred_theft/ 2025-12-03T17:48:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_download/ 2025-12-03T06:12:45+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_download_direct_ip/ 2025-12-03T06:12:45+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_roomsy/ 2025-12-02T20:44:51+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_firebase_pw_reset/ 2025-12-02T20:40:59+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_zoom_docs_unsolicited_sender/ 2025-12-02T20:33:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_qr_code_in_eml_attachment_with_phishing_indicators/ 2025-12-02T20:31:59+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_google_workspace/ 2025-12-02T17:41:07+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_purdue_eplanroom/ 2025-12-02T17:27:35+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_smtp_proxy/ 2025-12-02T15:53:54+00:00 https://detection.fyi/sublime-security/sublime-rules/link_self_service_sus_rcpt_caps/ 2025-12-02T13:56:15+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/credential_access_trufflehog_execution/ 2025-12-02T10:57:12+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_via_github_actions_runner/ 2025-12-02T10:57:12+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_register_github_actions_runner/ 2025-12-02T10:57:12+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_via_github_runner_with_runner_tracking_id_tampering_via_env_vars/ 2025-12-02T09:22:24+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/credential_access_gitleaks_execution/ 2025-12-02T08:42:19+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_privileged_container_creation_with_host_reference/ 2025-12-02T08:33:16+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multistage_landing_jotform/ 2025-12-01T22:13:10+00:00 https://detection.fyi/elastic/detection-rules/ml/ml_low_count_events_for_a_host_name/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/ml/ml_rare_destination_country/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/ml_cloudtrail_rare_error_code/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/ml_cloudtrail_error_message_spike/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/ml/ml_high_count_network_denies/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/ml/ml_high_count_events_for_a_host_name/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/ml/ml_high_count_network_events/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/ml/ml_spike_in_traffic_to_a_country/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/ml_cloudtrail_rare_method_by_user/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/ml_cloudtrail_rare_method_by_city/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/ml_cloudtrail_rare_method_by_country/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/ml/ml_linux_anomalous_network_activity/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/ml/ml_linux_anomalous_network_port_activity/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/ml/ml_packetbeat_rare_server_domain/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/ml/ml_windows_anomalous_network_activity/ 2025-12-01T21:48:59+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_msi_installer_task_startup/ 2025-12-01T15:54:23+00:00 https://detection.fyi/elastic/detection-rules/windows/impact_mod_critical_os_files/ 2025-12-01T15:45:03+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_browser_extension_install/ 2025-12-01T15:28:25+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_via_application_shimming/ 2025-12-01T15:28:25+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_via_ppid_spoofing/ 2025-12-01T15:28:25+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_tokenmanip_sedebugpriv_enabled/ 2025-12-01T15:28:25+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_unusual_printspooler_childprocess/ 2025-12-01T15:28:25+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_dhl/ 2025-12-01T15:18:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_fake_zoom_invite/ 2025-12-01T15:12:08+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_headers_in_body/ 2025-12-01T15:12:01+00:00 https://detection.fyi/sublime-security/sublime-rules/link_crypto_fraud/ 2025-12-01T15:11:52+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_aarp/ 2025-12-01T15:11:16+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_greenvelope/ 2025-12-01T14:42:40+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_wsl_filesystem/ 2025-12-01T13:06:38+00:00 https://detection.fyi/tags/attack.t1562.008/ 2025-11-28T09:33:03+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_guardduty_detector_deleted_or_updated/ 2025-11-28T09:33:03+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_copy_system_dir_lolbin/ 2025-11-27T22:44:35+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_copy_system_dir/ 2025-11-27T22:44:35+00:00 https://detection.fyi/tags/attack.t1053.005/ 2025-11-27T22:19:13+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_schtasks_execution/ 2025-11-27T22:19:13+00:00 https://detection.fyi/tags/attack.t1027.010/ 2025-11-27T22:00:25+00:00 https://detection.fyi/tags/attack.t1071.004/ 2025-11-27T22:00:25+00:00 https://detection.fyi/tags/attack.t1204.001/ 2025-11-27T22:00:25+00:00 https://detection.fyi/tags/attack.t1204.004/ 2025-11-27T22:00:25+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_finger/ 2025-11-27T22:00:25+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_filefix_typedpath_commands/ 2025-11-27T22:00:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_finger_execution/ 2025-11-27T22:00:25+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_finger/ 2025-11-27T22:00:25+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_potential_clickfix_execution/ 2025-11-27T22:00:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_clickfix_filefix_whitespace_padding/ 2025-11-27T22:00:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_filefix_execution_pattern/ 2025-11-27T22:00:25+00:00 https://detection.fyi/tags/attack.t1595.001/ 2025-11-27T21:36:53+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/grixba/ 2025-11-27T21:36:53+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/grixba/proc_creation_win_malware_grixba_recon/ 2025-11-27T21:36:53+00:00 https://detection.fyi/tags/data-source-gcp-audit-logs/ 2025-11-26T18:15:23+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/ 2025-11-26T18:15:23+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/ml_gcp_rare_error_code/ 2025-11-26T18:15:23+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/ml_gcp_error_message_spike/ 2025-11-26T18:15:23+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/ml_gcp_rare_method_by_city/ 2025-11-26T18:15:23+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/ml_gcp_rare_method_by_country/ 2025-11-26T18:15:23+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/ml_gcp_rare_method_by_user/ 2025-11-26T18:15:23+00:00 https://detection.fyi/sublime-security/sublime-rules/comp_review_qr_attached_eml/ 2025-11-26T13:59:26+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_add_port_monitor/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_add_safeboot/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_advanced_ip_scanner/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_allow_rdp_remote_assistance_feature/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_anydesk_artefact/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1003.002/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1003.003/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1003.004/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1003.005/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1018/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1036.007/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1037.001/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1070.003/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1070.004/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1070.005/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1090.003/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1134.002/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1135/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1137/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1176.001/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1202/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1204/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1217/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1218.001/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1219.002/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1518.001/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1546.008/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1546.015/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1547.010/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1552.006/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1562/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1562.002/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1564.002/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1588.002/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/attack.t1615/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_bypass_uac_using_delegateexecute/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_bypass_uac_using_eventviewer/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_bypass_uac_using_silentcleanup_task/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_export_pfx/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_assoc_execution/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_browsers_chromium_mockbin_abuse/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_browsers_chromium_load_extension/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_chcp_codepage_lookup/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_add_local_hidden_user/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_cred_dump_tools_dropped_files/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_clip_execution/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_change_rdp_port/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cipher_overwrite_deleted_data/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_rmdir_execution/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dirlister_execution/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_administrative_share/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_defender_firewall/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_security_center_notifications/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dism_remove/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dsquery_domain_trust_discovery/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_driverquery_usage/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_create_evtx_non_common_locations/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_dir_execution/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_decode/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_browsers_inline_file_download/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_browsers_chromium_headless_file_download/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_encode/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_explorer_folder_shortcut_via_shell_binary/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_encode_susp_location/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_creation_system_dll_files/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_findstr_gpp_passwords/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_gpresult_execution/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hh_chm_execution/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_special_accounts/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_special_accounts_hide_user/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_change_security_zones/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_taskmgr_lsass_dump/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_findstr_lsass/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_creation_new_shim_database/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmdkey_adding_generic_creds/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_certificate_installation/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_findstr_recon_everyone/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_com_key_linking/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_binary/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_ntlm_coercion/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_add_run_key/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_logon_scripts_userinitmprlogonscript/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_amsi_providers/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_mklink_osk_cmd/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_driverquery_recon/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmdkey_recon/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_dump_file_susp_creation/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_conhost_headless_powershell/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_powershell_logging_disabled/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_adfind_susp_usage/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_adfind_execution/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_advanced_ip_scanner/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_advanced_port_scanner/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_advancedrun/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_advancedrun_priv_user/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_adfind_enumeration/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_pua_sysinternals_execution_via_eula/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_pua_sysinternals_susp_execution_via_eula/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_findstr_recon_pipe_output/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_add_load_service_in_safe_mode/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_delete/registry_delete_removal_amsi_registry_key/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_delete/registry_delete_schtasks_hide_task_via_index_value_removal/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_delete/registry_delete_schtasks_hide_task_via_sd_value_removal/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_adfind/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_curl/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_ftp/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_msdt/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_delete/registry_delete_runmru/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_findstr_security_keyword_lookup/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_stop_service/ 2025-11-26T10:08:11+00:00 https://detection.fyi/tags/stp.1u/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_public_folder_extension/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_browsers_chromium_susp_load_extension/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_chcp_codepage_switch/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_curl_susp_download/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_pua_sysinternals_renamed_execution_via_eula/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_recycle_bin_fake_exec/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_encode_susp_extensions/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dtrace_kernel_dump/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_lnk_double_extension/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/sysmon/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/sysmon/sysmon_config_modification/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_discovery_via_reg_queries/ 2025-11-26T10:08:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_browsers_tor_execution/ 2025-11-26T10:08:11+00:00 https://detection.fyi/mbabinski/sigma-rules/2025_arcgis_server_soe_abuse/ 2025-11-25T21:21:45+00:00 https://detection.fyi/mbabinski/sigma-rules/2025_arcgis_server_soe_abuse/file_event_win_arcsoc_creating_susp_files/ 2025-11-25T21:21:45+00:00 https://detection.fyi/mbabinski/ 2025-11-25T21:21:45+00:00 https://detection.fyi/mbabinski/sigma-rules/ 2025-11-25T21:21:45+00:00 https://detection.fyi/mbabinski/sigma-rules/2025_arcgis_server_soe_abuse/proc_creation_win_arcsoc_susp_child_process/ 2025-11-25T21:21:45+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_evasive_link/ 2025-11-25T15:39:30+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_inod_listing/ 2025-11-25T15:29:32+00:00 https://detection.fyi/tags/attack.t1053.002/ 2025-11-25T15:00:53+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bcdedit_boot_conf_tamper/ 2025-11-25T15:00:53+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_at_interactive_execution/ 2025-11-25T15:00:53+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_add/registry_add_persistence_disk_cleanup_handler_entry/ 2025-11-25T15:00:53+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_add/ 2025-11-25T15:00:53+00:00 https://detection.fyi/sublime-security/sublime-rules/body_encrypted_zip_password_attachment/ 2025-11-25T14:12:00+00:00 https://detection.fyi/tags/attack.t1129/ 2025-11-25T12:03:05+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_unsigned_node_load/ 2025-11-25T12:03:05+00:00 https://detection.fyi/elastic/detection-rules/linux/initial_access_apache_struts_cve_2023_50164_exploitation_to_webshell/ 2025-11-24T20:08:39+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_curl_or_wget_executed_via_lolbin/ 2025-11-24T19:38:15+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_ssh_password_grabbing_via_strace/ 2025-11-24T19:38:15+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_busybox_indirect_shell_spawn/ 2025-11-24T19:38:15+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_multiple_user_agent_os_authentication/ 2025-11-24T19:27:08+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_wordpress_notification/ 2025-11-24T18:13:40+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_edr_elastic_defend_by_host/ 2025-11-24T17:16:09+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_file_scheme_link_to_executable_filetype/ 2025-11-24T17:05:09+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_cve_2023_38831/ 2025-11-24T17:05:09+00:00 https://detection.fyi/tags/cve-2023-38831/ 2025-11-24T17:05:09+00:00 https://detection.fyi/tags/malfam-darkgate/ 2025-11-24T17:05:09+00:00 https://detection.fyi/tags/malfam-pikabot/ 2025-11-24T17:05:09+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_voicemail_sendgrid/ 2025-11-24T17:05:09+00:00 https://detection.fyi/sublime-security/sublime-rules/recon_large_recipients_unknown/ 2025-11-24T16:38:33+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/credential_access_rapid_secret_retrieval_attempts_from_secretsmanager/ 2025-11-24T15:37:07+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_sendgrid_like_link/ 2025-11-24T15:05:35+00:00 https://detection.fyi/tags/data-source-aws-route53/ 2025-11-24T15:01:40+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/privilege_escalation_root_login_without_mfa/ 2025-11-24T15:01:40+00:00 https://detection.fyi/sigmahq/sigma/linux/file_event/ 2025-11-24T14:33:42+00:00 https://detection.fyi/sigmahq/sigma/linux/file_event/file_event_lnx_susp_filename_with_embedded_base64_command/ 2025-11-24T14:33:42+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_adobe_suspicious_language_link/ 2025-11-24T14:29:34+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/command_and_control_pan_elastic_defend_c2/ 2025-11-24T14:01:52+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2014/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_abusing_debug_privilege/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_ad_replication_non_machine_account/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_elavated_msi_spawned_shell/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_apt/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_arbitrary_shell_execution_via_settingcontent/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.g0001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.g0046/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.g0069/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.s0013/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.s0029/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.s0154/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.s0404/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.s0412/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1003.006/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1012/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1021.002/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1021.003/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1021.006/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1027.005/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1048/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1053/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1059.002/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1071.001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1072/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1074/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1078/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1102.001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1102.003/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1110/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1110.001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1134.001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1140/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1187/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1189/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1201/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1210/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1216/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1218.003/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1218.011/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1222.001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1495/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1496/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1505/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1505.002/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1546.003/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1546.009/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1547/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1552.002/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1557.001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1557.003/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1558.003/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1561.001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1561.002/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1564/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1564.006/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1565.001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1565.002/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1566.001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1567/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1567.002/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1568/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1569/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1569.002/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1574/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1574.008/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1587.001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/attack.t1620/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_iam_backdoor_users_keys/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_securityhub_finding_evasion/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2014/ta/axiom/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/bgp/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/huawei/bgp/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/juniper/bgp/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_bitsadmin_susp_tld/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_cmstp/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_fodhelper/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/car.2013-05-002/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/car.2019-04-001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/car.2022-03-001/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-3452/web_cve_2020_3452_cisco_asa_ftd/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/bgp/cisco_bgp_md5_auth_failed/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_dos/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_disable_logging/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_file_deletion/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/ldp/cisco_ldp_md5_auth_failed/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_local_accounts/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_modify_config/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_input_capture/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_net_sniff/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_moving_data/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-8193/web_cve_2020_8193_8195_citrix_exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-19781/web_cve_2019_19781_citrix_exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_clipboard_data_via_osascript/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmstp_execution_by_creation/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_cmstp_execution_by_registry/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_http_appdata/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/conti/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/conti/proc_creation_win_malware_conti/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_xss_in_access_logs/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_cryptominer/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_currentcontrolset/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/exploits/cve-2017-11882/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/exploits/cve-2018-13379/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/exploits/cve-2018-2894/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-11510/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-19781/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-0688/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-0688/web_cve_2020_0688_msexchange/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-14882/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-28188/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-3452/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-5902/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-5902/web_cve_2020_5902_f5_bigip/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-8193/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-1675/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-1675/win_exploit_cve_2021_1675_printspooler_operational/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-2109/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-22123/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-26814/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-26858/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-26858/file_event_win_cve_2021_26858_msexchange/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-40539/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-40539/web_cve_2021_40539_manageengine_adselfservice_exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-41379/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-42278/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-42287/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-43798/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-23752/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-3400/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2017-11882/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2018-13379/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2018-2894/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2019-11510/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2019-19781/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2020-0688/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2020-14882/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2020-28188/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2020-3452/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2020-5902/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2020-8193/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2020-8195/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2021-1675/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2021-2109/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2021-21978/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2021-22123/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2021-26814/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2021-26858/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2021-40539/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2021-42278/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2021-42287/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2021-43798/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2023-23752/ 2025-11-24T08:54:29+00:00 https://detection.fyi/tags/cve.2024-3400/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_default_cobalt_strike_certificate/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_not_allowed_rdp_access/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/unc2546/web_unc2546_dewmode_php_webshell/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_disable_security_events_logging_adding_reg_key_minint/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_cimprovider_dll_load/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certoc_load_dll/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_dns_mining_pools/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_dns_torproxy/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_download_susp_dyndns/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_download_susp_tlds_blacklist/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_download_susp_tlds_whitelist/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_dpapi_domain_masterkey_backup_attempt/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/exploits/cve-2017-11882/proc_creation_win_exploit_cve_2017_11882/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/emotet/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_esentutl_params/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_msdeploy/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_public_folder/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_frameworks/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-26814/web_cve_2021_26814_wzuh_rce/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/exploits/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/exploits/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regedit_export_critical_keys/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regedit_export_keys/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/create_stream_hash/create_stream_hash_regedit_export_to_ads/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/msexchange/win_exchange_transportagent_failed/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/fireball/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/fireball/proc_creation_win_malware_fireball/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/formbook/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/formbook/proc_creation_win_malware_formbook/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/exploits/cve-2018-13379/web_cve_2018_13379_fortinet_preauth_read_exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-22123/web_cve_2021_22123_fortinet_exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-43798/web_cve_2021_43798_grafana/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_hacktool/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_crackmapexec_execution/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_crackmapexec_powershell_obfuscation/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_empire_powershell_uac_bypass/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_koadic/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_impacket_lateral_movement/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/huawei/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/huawei/bgp/huawei_bgp_auth_failed/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regedit_import_keys/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regedit_import_keys_ads/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_pcwrun/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_infdefaultinstall_execute_sct_scripts/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-41379/file_event_win_cve_2021_41379_msi_lpe/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_internet_explorer/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_iso_file_mount/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_java_remote_debugging/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_susp_jexboss/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/juniper/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/juniper/bgp/juniper_bgp_missing_md5/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_jxa_in_memory_execution/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/ldp/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_data_exfiltration_by_using_datasvcutil/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/maze/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_metasploit_or_impacket_smb_psexec_service_install/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mmc_susp_child_process/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/msexchange/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_msexchange_transport_agent/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/msexchange/win_exchange_transportagent/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/netlogon/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_eventconsumer_creation/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_new_dll_added_to_appcertdlls_registry_key/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_dns_nkn/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_node_adobe_creative_cloud_abuse/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/ntlm/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_office/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/exploits/cve-2018-2894/web_cve_2018_2894_weblogic_exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-14882/web_cve_2020_14882_weblogic_exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-2109/web_cve_2021_2109_weblogic_rce_exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_osacompile_runonly_execution/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ping_hex_ip/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/plugx/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-1675/win_exploit_cve_2021_1675_printspooler/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-42278/win_system_exploit_cve_2021_42278/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-23752/web_cve_2023_23752_joomla_exploit_attempt/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-3400/paloalto_globalprotect_exploit_cve_2024_3400_command_injection/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/emotet/proc_creation_win_malware_emotet/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_sdelete/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_kerberos_coercion_via_dns_object/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/maze/proc_creation_win_malware_maze_ransomware/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_meterpreter_getsystem/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_dce_rpc_potential_petit_potam_efs_rpc_call/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/plugx/proc_creation_win_malware_plugx_susp_exe_locations/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/qbot/proc_creation_win_malware_qbot/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/ntlm/win_susp_ntlm_rdp/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/ryuk/proc_creation_win_malware_ryuk/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_base64_reflection_assembly_load/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_citrix_trolleyexpress_procdump/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_mouselock_execution/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_nircmd/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_nircmd_as_system/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_rclone_execution/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_runxcmd/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-11510/web_cve_2019_11510_pulsesecure_exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_pwndrop/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/qbot/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_rclone/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_mal_azorult/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regini_execution/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_anydesk_silent_install/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winrm_remote_powershell_session_process/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_sysinternals_sdelete/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_without_parameters/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/ryuk/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_sam_registry_hive_handle_request/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_scrcons_susp_child_process/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/smbclient/security/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_session_manager/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_view_share_and_sessions_enum/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_susp_shimcache_flush/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/smbclient/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/solarwinds-supply-chain/web_solarwinds_supernova_webshell/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/solarwinds-supply-chain/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/visualdoor-exploit/web_sonicwall_jarrewrite_exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_source_code_enumeration/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_svchost_execution_with_no_cli_flags/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_spawn_exe_from_users_directory/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_mal_cobaltstrike/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-42287/win_security_samaccountname_spoofing_cve_2021_42287/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_susp_control_dll_load/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_csi_execution/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_desktopimgdownldr_susp_execution/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_desktopimgdownldr_file/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_susp_driver_installed_by_pnputil/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_base64_reflection_assembly_load_obfusc/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/wmi_event/sysmon_wmi_susp_encoded_scripts/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_file_characteristics/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_outlook_susp_child_processes/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_mailboxexport_share/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_mailboxexport_share/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_progname/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_get_localgroup_member_recon/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_takeown_recursive_own/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regini_ads/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/smbclient/security/win_smbclient_security_susp_failed_guest_logon/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_setupapi_installhinfsection/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_runscripthelper/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/wmi_event/sysmon_wmi_susp_scripting/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_service_path_modification/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_userinit_child/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_virtualbox_vboxdrvinst_execution/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vslsagent_agentextensionpath_load/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_user32_dll/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_syncappvpublishingserver_execute_psh/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_syncappvpublishingserver_vbs_execute_psh/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_system_scripts/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2014/ta/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_task_folder_evasion/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_telegram_api/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-28188/web_cve_2020_28188_terramaster_rce_exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_bypass_via_wsreset/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/unc2546/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_settingsynchost/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_verclsid_runs_com/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_virtualbox_execution/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/visualdoor-exploit/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/netlogon/win_system_vul_cve_2020_1472/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/wannacry/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/wannacry/proc_creation_win_malware_wannacry/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_webshell_regeorg/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_computer_name/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mpcmdrun_remove_windows_defender_definition/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_pcap_drivers/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_shell_spawn_susp_program/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_win_webshells_in_access_logs/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_runkey_winekey/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_winsock2/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/wmi_event/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_wow6432node_classes/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_cscript_wscript_dropper/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2014/ta/axiom/proc_creation_win_apt_zxshell/ 2025-11-24T08:54:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/atomic-macos-stealer/proc_creation_macos_malware_amos_curl_post/ 2025-11-24T02:52:52+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/atomic-macos-stealer/file_event_macos_malware_amos_persistence/ 2025-11-24T02:52:52+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/atomic-macos-stealer/ 2025-11-24T02:52:52+00:00 https://detection.fyi/tags/attack.t1543.004/ 2025-11-24T02:52:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_kerberos_kerberos_ticket_request_via_cli/ 2025-11-23T15:27:40+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_request_kerberos_ticket/ 2025-11-23T15:27:40+00:00 https://detection.fyi/tags/attack.t1484.001/ 2025-11-23T14:51:08+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_rdp_keys_tamper/ 2025-11-23T14:51:08+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_terminal_server_tampering/ 2025-11-23T14:51:08+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_default_domain_gpo_modification/ 2025-11-23T14:51:08+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mmc_default_domain_gpo_modification_via_gpme/ 2025-11-23T14:51:08+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_invalid_rcpt_reply-to_mismatch_new/ 2025-11-21T17:16:51+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_vscode_tunnel_communication/ 2025-11-21T11:13:42+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vbscript_registry_modification/ 2025-11-21T10:54:19+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_vbscript_registry_modification/ 2025-11-21T10:54:19+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_susp_process_registry_modification/ 2025-11-21T10:54:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rdp_enable_or_disable_via_win32_terminalservicesetting_wmi_class/ 2025-11-21T09:26:45+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_terminal_server_suspicious/ 2025-11-21T09:26:45+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_clickfix_filefix_execution/ 2025-11-21T08:08:59+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-20333/proxy_exploit_cve_2025_20333/ 2025-11-21T07:21:30+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-20333/ 2025-11-21T07:21:30+00:00 https://detection.fyi/tags/cve.2025-20333/ 2025-11-21T07:21:30+00:00 https://detection.fyi/tags/cve.2025-20362/ 2025-11-21T07:21:30+00:00 https://detection.fyi/tags/attack.t1055.012/ 2025-11-21T07:15:47+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_svchost_uncommon_command_line_flags/ 2025-11-21T07:15:47+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_cmd_for_loop_execution_with_recursive_directory_search/ 2025-11-21T06:41:45+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_b64_zip/ 2025-11-20T21:17:34+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_creditcard_application_with_whatsapp/ 2025-11-20T20:38:59+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/credential_access_iam_compromisedkeyquarantine_policy_attached_to_user/ 2025-11-17T21:25:38+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_meta_business/ 2025-11-17T19:47:30+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_pfpt_secure_message/ 2025-11-17T16:24:20+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_capitalone/ 2025-11-17T14:28:12+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_scheduled_task_powershell_source/ 2025-11-17T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_fsutil_symlinkevaluation/ 2025-11-17T06:38:57+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/impact_azure_compute_vm_snapshot_deletion/ 2025-11-15T13:36:03+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/impact_azure_compute_vm_snapshot_deletions/ 2025-11-15T13:36:03+00:00 https://detection.fyi/sublime-security/sublime-rules/link_display_text_matches_subject/ 2025-11-14T22:09:01+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_scheduled_task_creation_winlog/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_ldap_attributes/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_remote_password_reset/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_ad_adminsdholder/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_sdprop_exclusion_dsheuristics/ 2025-11-14T16:46:24+00:00 https://detection.fyi/tags/data-source-windows/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_dcsync_newterm_subjectuser/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_msds_alloweddelegateto_krbtgt/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_credroaming_ldap/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_bruteforce_multiple_logon_failure_followed_by_success/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_saved_creds_vault_winlog/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_dcsync_user_backdoor/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_kerberos_coerce/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_machine_account_smb_relay/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_samaccountname_spoofing_attack/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_shadow_credentials/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_create_process_as_different_user/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_suspicious_dnshostname_update/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_remote_task_creation_winlog/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_remote_service_installed_winlog/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_seenabledelegationprivilege_assigned_to_user/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_krbrelayup_service_creation/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_high_number_ad_properties/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_suspicious_winreg_access_via_sebackup_priv/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_thread_cpu_priority_hijack/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_sysmon_wmi_event_subscription/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_temp_scheduled_task/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_spn_attribute_modified/ 2025-11-14T16:46:24+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_obf_args_unicode_modified_letters/ 2025-11-13T21:29:07+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_google_drive_new_sender_domain/ 2025-11-13T21:03:05+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_twitter/ 2025-11-13T17:41:13+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_office_vba_warnings_tamper/ 2025-11-13T13:22:02+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_office_outlook_security_settings/ 2025-11-13T13:22:02+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_office_access_vbom_tamper/ 2025-11-13T13:22:02+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_com_hijacking_builtin/ 2025-11-13T04:18:01+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_common/ 2025-11-13T04:10:26+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_currentversion_nt/ 2025-11-13T04:10:26+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/ursnif/registry_add_malware_ursnif/ 2025-11-13T04:10:26+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/ursnif/ 2025-11-13T04:10:26+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_wow6432node_currentversion/ 2025-11-13T04:10:26+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_google_careers/ 2025-11-12T15:13:39+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_git_exploit_cve_2025_48384/ 2025-11-12T14:45:52+00:00 https://detection.fyi/sublime-security/sublime-rules/link_contains_punycode_characters/ 2025-11-12T14:38:15+00:00 https://detection.fyi/sublime-security/sublime-rules/link_fake_thread_nlu_financial_request/ 2025-11-12T13:46:02+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_google_group_explict_invite/ 2025-11-12T13:46:02+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_google_groups_suspicious/ 2025-11-12T13:46:02+00:00 https://detection.fyi/sublime-security/sublime-rules/vip_impersonation_charity/ 2025-11-12T13:46:02+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/dtrack-rat/ 2025-11-12T12:38:23+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/dtrack-rat/proc_creation_win_malware_dtrack/ 2025-11-12T12:38:23+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_delayed_via_ping_lolbas_unsigned/ 2025-11-11T12:34:20+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/initial_access_exfiltration_new_usb_device_mounted/ 2025-11-11T09:28:54+00:00 https://detection.fyi/tags/use-case-device-control/ 2025-11-11T09:28:54+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws_bedrock/aws_bedrock_guardrails_multiple_violations_in_single_request/ 2025-11-11T02:07:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws_bedrock/ 2025-11-11T02:07:40+00:00 https://detection.fyi/tags/data-source-aws-bedrock/ 2025-11-11T02:07:40+00:00 https://detection.fyi/tags/mitre-atlas-t0051/ 2025-11-11T02:07:40+00:00 https://detection.fyi/tags/mitre-atlas-t0054/ 2025-11-11T02:07:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws_bedrock/aws_bedrock_high_confidence_misconduct_blocks_detected/ 2025-11-11T02:07:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws_bedrock/aws_bedrock_multiple_sensitive_information_policy_blocks_detected/ 2025-11-11T02:07:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws_bedrock/aws_bedrock_multiple_topic_policy_blocks_detected/ 2025-11-11T02:07:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws_bedrock/aws_bedrock_multiple_word_policy_blocks_detected/ 2025-11-11T02:07:40+00:00 https://detection.fyi/tags/use-case-policy-violation/ 2025-11-11T02:07:40+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_microsoft_purview_impersonation/ 2025-11-10T18:26:11+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_suspicious_windows_server_update_svc/ 2025-11-10T18:10:32+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_file_transfer_or_listener_established_via_netcat/ 2025-11-10T15:11:16+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_docker_mount_chroot_container_escape/ 2025-11-10T15:03:39+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_writable_docker_socket/ 2025-11-10T15:03:39+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_unusual_kthreadd_execution/ 2025-11-10T15:03:39+00:00 https://detection.fyi/tags/attack.s0111/ 2025-11-10T12:52:54+00:00 https://detection.fyi/tags/attack.t1039/ 2025-11-10T12:52:54+00:00 https://detection.fyi/tags/attack.t1546.011/ 2025-11-10T12:52:54+00:00 https://detection.fyi/tags/car.2013-08-001/ 2025-11-10T12:52:54+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_classes/ 2025-11-10T12:52:54+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_copy_lateral_movement/ 2025-11-10T12:52:54+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_currentversion/ 2025-11-10T12:52:54+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_ie/ 2025-11-10T12:52:54+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_shim_database/ 2025-11-10T12:52:54+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_product/ 2025-11-10T12:52:54+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_creation/ 2025-11-10T12:52:54+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_taskcache_entry/ 2025-11-10T12:52:54+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_remote_execution/ 2025-11-10T12:52:54+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rpcping_credential_capture/ 2025-11-10T11:12:34+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_device_credential_deployment/ 2025-11-10T11:12:34+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_explorer_break_process_tree/ 2025-11-10T11:12:34+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msdt_answer_file_exec/ 2025-11-10T11:12:34+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_macro_files_downloaded/ 2025-11-10T11:12:34+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_customshellhost_susp_exec/ 2025-11-10T11:12:34+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wlrmdr_uncommon_child_process/ 2025-11-10T11:12:34+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-1675/av_exploit_cve_2021_34527_print_nightmare/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-33891/proc_creation_lnx_exploit_cve_2022_33891_spark_shell_command_injection/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-26134/proc_creation_lnx_exploit_cve_2022_26134_atlassian_confluence/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/attack.t1548.001/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/attack.t1548.003/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/attack.t1589/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/blue-mockingbird/registry_set_mal_blue_mockingbird/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/blue-mockingbird/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/car.2013-07-002/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/exploits/cve-2018-15473/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-0708/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-14287/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-1675/file_event_win_exploit_cve_2021_1675_printspooler/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-38647/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-4034/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-21919/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-26134/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-29799/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-33891/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-37966/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2018-15473/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2019-0708/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2019-14287/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2021-1678/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2021-34484/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2021-34527/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2021-38647/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2021-4034/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2022-21919/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2022-26134/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2022-27800/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2022-29799/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2022-33891/ 2025-11-10T11:00:08+00:00 https://detection.fyi/tags/cve.2022-37966/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/dns_client/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/netwire/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-38647/zeek_http_exploit_cve_2021_38647_omigod_no_auth_rce/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/pandemic/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/pandemic/registry_event_apt_pandemic/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-1675/zeek_dce_rpc_exploit_cve_2021_1675_printnightmare_print_driver_install/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-42287/win_system_exploit_cve_2021_42287/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-21919/win_system_exploit_cve_2022_21919_or_cve_2021_34484/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-37966/win_system_exploit_cve_2022_37966_kdcsvc_rc4_downgrade/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/netwire/registry_add_malware_netwire/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-29799/lnx_exploit_cve_2022_27999_cve_2022_27800/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-1675/file_delete_win_exploit_cve_2021_1675_print_nightmare/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-0708/win_system_exploit_cve_2019_0708/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-1675/registry_event_cve_2021_1675_mimikatz_printernightmare_drivers/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-4034/lnx_auth_exploit_cve_2021_4034_pwnkit_lpe/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-0708/win_security_exploit_cve_2019_0708_scanner_poc/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/exploits/cve-2018-15473/lnx_sshd_exploit_cve_2018_15473/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-14287/proc_creation_lnx_exploit_cve_2019_14287/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-14287/lnx_sudo_exploit_cve_2019_14287/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/dns_client/win_dns_client_mal_cobaltstrike/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-1675/image_load_exploit_cve_2021_1675_spoolsv_dll_load/ 2025-11-10T11:00:08+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_exacttarget_sender_domain/ 2025-11-08T17:48:06+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_fake_photo_share/ 2025-11-08T15:20:11+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_sharepoint_pdf_cred_theft/ 2025-11-07T18:07:23+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_paperlesspost/ 2025-11-06T21:29:48+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_outlook_express/ 2025-11-06T17:17:46+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certreq_download/ 2025-11-06T04:46:11+00:00 https://detection.fyi/sublime-security/sublime-rules/gophish_abuse_pixel_tracking/ 2025-11-05T17:43:08+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_mastercard_promo/ 2025-11-05T17:28:53+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_susp_runmru_space_character/ 2025-11-05T10:11:32+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_susp_typedpaths_space_characters/ 2025-11-05T10:11:32+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_ics_non-gregorian/ 2025-11-04T23:35:31+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_coinbase/ 2025-11-04T16:37:03+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_eml_file_with_ipfs_links/ 2025-11-04T16:34:24+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_rfc822_with_credential_theft_indicators/ 2025-11-04T16:34:24+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_small_html_recipient_address/ 2025-11-04T16:34:24+00:00 https://detection.fyi/elastic/detection-rules/integrations/o365/initial_access_entra_id_portal_login_impossible_travel/ 2025-11-04T16:29:25+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_sfmc_personalized_thread/ 2025-11-03T21:38:36+00:00 https://detection.fyi/sublime-security/sublime-rules/xero_infra_abuse/ 2025-11-03T18:09:15+00:00 https://detection.fyi/sublime-security/sublime-rules/predatory_academic_journal/ 2025-11-03T15:09:47+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_any_html_unsolicited/ 2025-11-03T14:39:25+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_any_html_new_sender/ 2025-11-03T14:39:25+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_excessive_const_declarations/ 2025-11-03T14:39:25+00:00 https://detection.fyi/sublime-security/sublime-rules/body_job_scam_unsolicited/ 2025-11-03T14:19:29+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_github/ 2025-11-03T13:28:40+00:00 https://detection.fyi/sublime-security/sublime-rules/body_advance_fee_new_sender/ 2025-11-03T13:27:54+00:00 https://detection.fyi/tags/attack.t1020/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1078.004/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1098.001/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1098.003/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1136.003/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1195.001/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1213/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1213.003/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1526/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1531/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1537/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1556/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1556.006/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1567.001/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1586/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1586.003/ 2025-11-03T09:35:44+00:00 https://detection.fyi/tags/attack.t1591.004/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_log_configuration_update_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_full_data_export_triggered/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_global_permissions_change_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_global_secret_scanning_rule_deleted/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_global_ssh_settings_change_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_project_secret_scanning_allowlist_added/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_secret_scanning_exempt_repository_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_secret_scanning_rule_deleted/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_unauthorized_access_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_unauthorized_full_data_export_triggered/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_user_details_export_attempt_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_user_login_failure_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_user_login_failure_via_ssh_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_user_permissions_export_attempt_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/cisco_duo/cisco_duo_mfa_bypass_via_bypass_code/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/cisco_duo/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_delete_action_invoked/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_fork_private_repos_enabled_or_cleared/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_disable_high_risk_configuration/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_new_secret_created/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_outside_collaborator_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_push_protection_bypass_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_push_protection_disabled/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_repository_archive_status_changed/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_pages_site_changed_to_public/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_repo_or_org_transferred/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_secret_scanning_feature_disabled/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_self_hosted_runner_changes_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_ssh_certificate_config_changed/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_new_org_member/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_user_created/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_admin_activity_from_proxy_query/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_admin_role_assigned_to_user_or_group/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_admin_role_assignment_created/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_api_token_created/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_api_token_revoked/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_application_modified_or_deleted/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_application_sign_on_policy_modified_or_deleted/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_fastpass_phishing_detection/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_identity_provider_created/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_mfa_reset_or_deactivated/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_network_zone_deactivated_or_deleted/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_new_behaviours_admin_console/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_policy_modified_or_deleted/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_policy_rule_modified_or_deleted/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_security_threat_detected/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_suspicious_activity_enduser_report/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_unauthorized_access_to_app/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_user_account_locked_out/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_user_session_start_via_anonymised_proxy/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/onelogin/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/onelogin/onelogin_user_account_locked/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/onelogin/onelogin_assumed_another_user/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/application/github/audit/github_disabled_outdated_dependency_or_vulnerability/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/identity/okta/okta_password_in_alternateid_field/ 2025-11-03T09:35:44+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-59287/ 2025-11-01T23:20:51+00:00 https://detection.fyi/tags/cve.2025-59287/ 2025-11-01T23:20:51+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-59287/win_wsus_exploit_cve_2025_59287/ 2025-11-01T23:20:51+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-59287/proc_creation_win_exploit_cve_2025_59287/ 2025-11-01T23:20:51+00:00 https://detection.fyi/sigmahq/sigma/network/fortinet/fortigate/ 2025-11-01T23:06:27+00:00 https://detection.fyi/sigmahq/sigma/network/fortinet/fortigate/fortinet_fortigate_new_firewall_address_object/ 2025-11-01T23:06:27+00:00 https://detection.fyi/sigmahq/sigma/network/fortinet/fortigate/fortinet_fortigate_new_admin_account_created/ 2025-11-01T23:06:27+00:00 https://detection.fyi/sigmahq/sigma/network/fortinet/fortigate/fortinet_fortigate_new_firewall_policy_added/ 2025-11-01T23:06:27+00:00 https://detection.fyi/sigmahq/sigma/network/fortinet/fortigate/fortinet_fortigate_new_local_user_created/ 2025-11-01T23:06:27+00:00 https://detection.fyi/sigmahq/sigma/network/fortinet/fortigate/fortinet_fortigate_new_vpn_ssl_web_portal/ 2025-11-01T23:06:27+00:00 https://detection.fyi/sigmahq/sigma/network/fortinet/fortigate/fortinet_fortigate_user_group_modified/ 2025-11-01T23:06:27+00:00 https://detection.fyi/sigmahq/sigma/network/fortinet/fortigate/fortinet_fortigate_vpn_ssl_settings_modified/ 2025-11-01T23:06:27+00:00 https://detection.fyi/sigmahq/sigma/network/fortinet/ 2025-11-01T23:06:27+00:00 https://detection.fyi/sublime-security/sublime-rules/link_file_sharing_cred_theft/ 2025-10-31T21:08:48+00:00 https://detection.fyi/tags/attack.g0010/ 2025-10-29T10:45:19+00:00 https://detection.fyi/tags/attack.t1016/ 2025-10-29T10:45:19+00:00 https://detection.fyi/tags/attack.t1134/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/devil-bait/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_kerberoasting_activity/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/mint-sandstorm/proc_creation_win_apt_mint_sandstorm_aspera_faspex_susp_child_process/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/mint-sandstorm/proc_creation_win_apt_mint_sandstorm_manage_engine_susp_child_process/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/mint-sandstorm/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_data_exfiltration_via_cli/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/devil-bait/proc_creation_win_malware_devil_bait_output_redirect/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/snatch/proc_creation_win_malware_snatch_ransomware/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/snatch/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_network_command/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_system_user_anomaly/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2014/ta/turla/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2014/ta/turla/proc_creation_win_apt_turla_comrat_may20/ 2025-10-29T10:45:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_speechruntime_child_process/ 2025-10-29T10:41:51+00:00 https://detection.fyi/tags/attack.t1555/ 2025-10-29T10:40:20+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_pua_trufflehog/ 2025-10-29T10:40:20+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winrshost_command_execution/ 2025-10-29T01:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winrs_local_command_execution/ 2025-10-29T01:01:36+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_clear_syslog/ 2025-10-28T21:49:32+00:00 https://detection.fyi/tags/attack.t1562.012/ 2025-10-28T21:45:53+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_auditctl_clear_rules/ 2025-10-28T21:45:53+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_python_http_server_execution/ 2025-10-28T21:45:53+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_av_kaspersky_av_disabled/ 2025-10-28T21:34:26+00:00 https://detection.fyi/tags/attack.t1608.003/ 2025-10-28T21:13:17+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_kms_import_key_material/ 2025-10-28T21:13:17+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_signal_sensitive_config_access/ 2025-10-28T00:00:06+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_susp_wfp_filter_added/ 2025-10-27T23:56:21+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_sendthisfile/ 2025-10-27T20:34:18+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_any_sap_unsolicited/ 2025-10-27T12:19:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_restic/ 2025-10-24T10:58:38+00:00 https://detection.fyi/sublime-security/sublime-rules/link_discord_notification/ 2025-10-23T14:51:58+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/3cx-supply-chain/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_member_added_security_enabled_global_group/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_member_removed_security_enabled_global_group/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_add_domain_trust/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_security_enabled_global_group_deleted/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_ad_account_created_deleted/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_blocked_account_attempt/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/ta/actinium/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_suppress_defender_notifications/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disallowrun_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_app_credential_added/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_add_sid_history/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_admin_rdp_login/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_sdset_allow_service_changes/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_always_install_elevated_windows_installer/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_anomalous_user/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_app_appid_uri_changes/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_app_uri_modifications/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/apt27/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/apt27/proc_creation_win_apt_apt27_emissary_panda/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/apt31/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/apt31/proc_creation_win_apt_apt31_judgement_panda/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/apt32-oceanlotus/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_aruba_networks_virtual_intranet_access/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_susp_atbroker_change/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.g0020/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.g0027/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.g0032/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.g0044/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.g0049/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.g0064/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.g0125/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.g0128/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.s0002/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.s0106/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.s0183/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1008/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1021/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1021.007/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1036.004/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1041/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1053.003/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1055.001/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1055.003/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1056/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1056.001/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1059.009/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1059.012/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1070/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1078.001/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1078.003/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1090/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1114/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1134.004/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1134.005/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1176/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1185/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1218.002/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1218.005/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1491.001/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1497.001/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1505.005/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1528/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1543/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1543.001/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1546/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1546.002/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1546.007/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1546.010/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1546.012/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1547.002/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1547.004/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1547.005/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1547.008/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1547.014/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1547.015/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1550/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1550.001/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1550.002/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1550.003/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1552.007/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1553/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1556.002/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1558/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1569.001/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1573/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1574.005/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1574.007/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1574.011/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1574.012/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1599.001/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/attack.t1621/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_kerberos_coercion_via_dns_spn_spoofing/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/audit/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_auth_to_important_apps_using_single_factor_auth/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_console_getsignintoken/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_iam_s3browser_loginprofile_creation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_iam_s3browser_templated_s3_bucket_policy_creation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_iam_s3browser_user_or_accesskey_creation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_sso_idp_change/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_ec2_import_key_pair_activity/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_root_account_usage/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_route_53_domain_transferred_lock_disabled/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_route_53_domain_transferred_to_another_account/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_delete_saml_provider/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_sts_assumerole_misuse/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_sts_getsessiontoken_misuse/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_console_login_success_without_mfa/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_susp_saml_activity/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_update_login_profile/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_only_single_factor_auth_required/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_federation_modified/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_kubernetes_admission_controller/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/audit/microsoft365_bypass_conditional_access/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_subscription_permissions_elevation_via_activitylogs/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_subscription_permissions_elevation_via_auditlogs/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_unusual_authentication_interruption/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/bearlpe-exploit/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_ad_bitlocker_key_retrieval/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/blackbyte/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/blackbyte/registry_set_win_malware_blackbyte_privesc_registry/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/blue-mockingbird/proc_creation_win_malware_blue_mockingbird/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_browsers_chromium_headless_exec/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_priviledged_role_assignment_bulk_change/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_aad_secops_ca_policy_removedby_bad_actor/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_aad_secops_ca_policy_updatedby_bad_actor/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/car.2013-05-004/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/car.2015-04-001/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/car.2016-04-005/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_ad_certificate_based_authencation_enabled/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_assoc_tamper_exe_file_association/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_fax_dll_persistance/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_change_to_authentication_method/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_fax_change_service_user/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_pim_change_settings/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_service_imagepath_change/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/chromeloader/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/chromeloader/proc_creation_win_malware_chrome_loader_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_clickonce_trust_prompt/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_cobaltstrike_service_installs/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_cobaltstrike_service_installs/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_ldso_preload_injection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/code_integrity/win_codeintegrity_revoked_driver_blocked/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/code_integrity/win_codeintegrity_enforced_policy_block/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_comhijack_sdclt/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_treatas_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-57788/proc_creation_win_exploit_cve_2025_57788/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_control_panel_item/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/cosmicduke/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/cosmicduke/win_security_mal_cosmik_duke_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/cozy-bear/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_crashdump_disabled/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_creation_by_mobsync/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_creation_unquoted_service_path/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_svchost_credential_dumping/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/cron/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2014/exploits/cve-2014-6287/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-1378/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-33771/registry_set_cve_2021_31979_cve_2021_33771_exploits/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-33771/file_event_win_cve_2021_31979_cve_2021_33771_exploits/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-33771/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-24527/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-24527/file_event_win_cve_2022_24527_lpe/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-50623/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-50623/proc_creation_win_exploit_cve_2024_50623_cleo/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-30406/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-31324/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-33053/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-49144/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-54309/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-57788/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2014-6287/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2019-1378/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2021-21551/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2021-31979/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2021-33771/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2022-24527/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2022-30190/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2024-50623/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2025-30406/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2025-31324/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2025-33053/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2025-49144/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2025-54309/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/cve.2025-57788/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/slingshot/proc_creation_win_apt_slingshot/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/slingshot/win_security_apt_slingshot/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_sdset_deny_service_access/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_device_registration_or_join_without_mfa/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_dhcp_calloutdll/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_dhcp_server/win_system_susp_dhcp_config_failed/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_dhcp_server/win_system_susp_dhcp_config/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/diamond-sleet/image_load_apt_diamond_sleet_side_load/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/diamond-sleet/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_dsrm_tampering/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_function_user/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_mfa_disabled/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_susp_lsass_dll_load/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/cozy-bear/image_load_apt_cozy_bear_graphical_proton_dlls/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dll_sideload_vmware_xfer/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dllhost_no_cli_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_onelaunch_update_service/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/dns_server/win_dns_server_susp_server_level_plugin_dll/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/dns_server/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_dns_over_https_enabled/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_susp_script_dotnet_clr_dll_load/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/driver_load/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_credential_access_via_password_filter/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_system_lsa_nolmhash/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_nolmhash/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_alert_active_directory_user_control/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/equation-group/net_firewall_apt_equationgroup_c2/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/equation-group/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_esxcli_permission_change_admin/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_rpcrt4_etw_tamper/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_services_etw_tamper/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_dot_net_etw_tamper/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_dot_net_etw_tamper/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-1378/proc_creation_win_exploit_cve_2019_1378/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2014/exploits/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_explorer_nouaccheck/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_successful_external_remote_rdp_login/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_successful_external_remote_smb_login/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_failed_auth_from_countries_you_do_not_operate_out_of/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_susp_failed_logon_source/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_ualapi/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_msdt_susp_directories/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_change/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/flowcloud/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/flowcloud/registry_event_malware_flowcloud_markers/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/forest-blizzard/registry_set_apt_forest_blizzard_custom_protocol_handler/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/forest-blizzard/registry_set_apt_forest_blizzard_custom_protocol_handler_dll/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/forest-blizzard/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/file_event_win_malware_funklocker_ransomware_extension/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_breakglass_container_workload_deployed/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_kubernetes_admission_controller/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/gworkspace/gcp_gworkspace_granted_domain_api_access/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/gworkspace/gcp_gworkspace_user_granted_admin_privileges/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_granting_permission_detection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_group_policy_abuse_privilege_addition/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_sysadminctl_enable_guest_account/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_guest_invite_failure/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_ad_guest_users_invited_to_tenant_by_non_approved_inviters/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/guloader/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/gworkspace/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_adcspwn/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/create_remote_thread_win_hktl_cactustorch/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_crackmapexec_execution_patterns/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_dinjector/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_hollowreaper/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_impacket_tools/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_hktl_koh_default_pipe/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_krbrelayup/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_hktl_littlecorporal_generated_maldoc/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_hktl_nofilter/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/create_remote_thread_win_hktl_cobaltstrike/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_selectmyparent/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_rubeus/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_hktl_rubeus/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharpersist/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharpup/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_alert_ruler/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/hafnium/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/hafnium/proc_creation_win_apt_hafnium/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_auth_failure_increase/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/guloader/proc_creation_win_malware_guloader_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/privileged_identity_management/azure_pim_invalid_license/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_iphlpsvc/win_system_isatap_router_address_set/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/proc_creation_win_malware_kalambur_curl_socks_tor/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kamikakabot/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kapeka/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kapeka/registry_set_malware_kapeka_backdoor_autorun_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kapeka/proc_creation_win_malware_kapeka_backdoor_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_krbrelayup_service_installation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_change_admission_controller/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_launchctl_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/lazarus/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/lazarus/image_load_apt_lazarus_side_load_activity/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/leviathan/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/leviathan/registry_event_apt_leviathan/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/file_event/file_event_lnx_doas_conf_creation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_doas_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/lnx_auditd_keylogging_with_pam_d/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_distributed_com/win_system_lpe_indicators_tabtip/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_login_to_disabled_account/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_logon_from_risky_ip_address/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/lummac-stealer/proc_creation_win_malware_lummac_more_vbc/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/lummac-stealer/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_office_trust_record_susp_location/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/driver_load/driver_load_win_mal_drivers/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/driver_load/driver_load_win_mal_drivers_names/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_imds_malicious_usage/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dctask64_arbitrary_command_and_dll_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_auth_sucess_increase/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_meterpreter_or_cobaltstrike_getsystem_service_install/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_meterpreter_or_cobaltstrike_getsystem_service_installation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_impossible_travel_activity/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security_mitigations/win_security_mitigations_defender_load_unsigned_dll/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_susp_outbound_mobsync_connection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_dhcp_server/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_distributed_com/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_iphlpsvc/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/microsoft_windows_software_restriction_policies/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_dce_rpc_mitre_bzar_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_dce_rpc_mitre_bzar_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/cron/lnx_cron_crontab_file_modification/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bitsadmin_potential_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/win_mssql_sp_maggie/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_mfa_denies/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_mfa_interrupted/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_narrator_feedback_persistance/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_net_cli_ngenassemblyusagelog/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_net_ntlm_downgrade/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_net_ntlm_downgrade/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_notepad/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_bginfo_custom_db/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_bginfo_custom_vbscript/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_bginfo_custom_wmi_query/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_aad_secops_new_ca_policy_addedby_bad_actor/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_new_dll_added_to_appinit_dlls_registry_key/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_dns_server_level_plugin_dll/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dnscmd_install_new_server_level_plugin_dll/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_netsh_help_dll_persistence_susp_location/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_outlook_macro_creation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_pdqdeploy_runner/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_pdqdeploy/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_ad_new_root_ca_added/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_susp_run_key_img_folder/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_non_priv_reg_or_ps/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/ntlm/win_susp_ntlm_auth/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_creating_number_of_resources_detection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/apt32-oceanlotus/registry_event_apt_oceanlotus_registry/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/oilrig/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/oilrig/proc_creation_win_apt_oilrig_mar18/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/oilrig/registry_event_apt_oilrig_mar18/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/oilrig/win_security_apt_oilrig_mar18/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/oilrig/win_system_apt_oilrig_mar18/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_ssh_login_attempt/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_ssh_new_connection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_telnet_login_attempt/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/operation-wocao/proc_creation_win_apt_wocao/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/operation-wocao/win_security_apt_wocao/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/operation-wocao/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_office_outlook_enable_unsafe_client_mail_rules/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_office_outlook_enable_macro_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_pass_the_hash_2/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_dsrm_password_change/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_user_password_change/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmi_password_never_expire/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_gpo_scheduledtasks/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/file_event/file_event_lnx_persistence_cron_files/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_sticky_keys_replace/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/file_event/file_event_lnx_persistence_sudoers_files/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/pikabot/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_pim_alerts_disabled/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_pim_activation_approve_deny/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/pingback/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/pingback/proc_creation_win_malware_pingback_backdoor/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/pingback/image_load_malware_pingback_backdoor/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/pingback/file_event_win_malware_pingback_backdoor/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pktmon_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_possible_shadow_credentials_added/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/ta/actinium/proc_creation_win_apt_actinium_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_appverifui/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_avkkid/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_azure_microsoft_account_token_provider_dll_load/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/bearlpe-exploit/proc_creation_win_exploit_other_bearlpe/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_cobaltstrike_service_installs/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_browsers_chromium_headless_debugging/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_tracker/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_dbgmodel/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_keyscrambler/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_mpsvc/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_mscorsvc/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_coregen/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_deviceenroller_dll_sideloading/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_vmware_xfer/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_eacore/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_edputil/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-54309/proc_creation_win_exploit_cve_2025_54309/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-33053/proc_creation_win_exploit_cve_2025_33053/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-33053/image_load_win_exploit_cve_2025_33053/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-33053/proc_access_win_exploit_cve_2025_33053/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_goopdate/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_initial_access_dll_search_order_hijacking/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_iviewers/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kamikakabot/registry_set_malware_kamikakabot_winlogon_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_dd_process_injection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_suspicious_signin_bypassing_mfa/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_mfdetours/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_windows_defender/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mpcmdrun_dll_sideload_defender/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-49144/proc_creation_win_exploit_cve_2025_49144/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_service_tamper_for_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_appx_debugger/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_app_paths/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_app_cpmpat_layer_registerapprestart/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_custom_protocol_handler/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_logon_script/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_persistence_windows_telemetry/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_netsh_helper_dll_potential_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_outlook_homepage/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_office_outlook_enable_load_macro_provider_on_boot/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_outlook_todaypage/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_persistence_via_plistbuddy/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_powershell_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_scrobj_dll/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_shim_database_uncommon_location/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/pikabot/proc_creation_win_malware_pikabot_rundll32_hollowing/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/pikabot/proc_creation_win_malware_pikabot_combined_commands_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_susp_privesc_kerberos_relay_over_ldap/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_privilege_escalation_via_service_key/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msra_process_injection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_comhijack_psfactorybuffer/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_python/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_malware_qakbot_registry/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/raspberry-robin/image_load_malware_raspberry_robin_side_load_aclui_oleview/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/raspberry-robin/registry_set_malware_raspberry_robin_internet_settings_zonemap_tamper/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_rcdll/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_dbgmanageddebugger_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_telemetry_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_ripzip_attack/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_rjvplatform_default_location/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_rjvplatform_non_default_location/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_robform/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-31324/file_event_win_sap_netweaver_webshell_creation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-31324/file_event_lnx_sap_netweaver_webshell_creation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_shelldispatch/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_smadhook/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_relay_attacks_tools/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_solidpdfcreator/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_openssh_tunnelling/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_powershell_startup_shortcuts/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_secedit_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/3cx-supply-chain/proc_creation_win_malware_3cx_compromise_susp_children/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_import_from_suspicious_paths/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_vivaldi_elf/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_waveedit/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_wwlib/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_keyscrambler_susp_child_process/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_desktop_background_change/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_desktop_background_change/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_cmdlet_scheduled_task/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_detect_vm_env/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_copy_item_system_directory/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_keylogging/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_localuser/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dism_enable_powershell_web_access_feature/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_wmi_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_account_backdoor_dcsync_rights/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_privileged_account_creation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_privileged_user_creation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/privileged_identity_management/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_pua_proceshacker/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/driver_load/driver_load_win_pua_process_hacker/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/driver_load/driver_load_win_pua_system_informer/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/raspberry-robin/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/razerinstaller-lpe-exploit/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_redmimicry_winnti_reg/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_susp_paths/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regedit_trustedinstaller/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_set_nopolicies_user/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_hide_function_user/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_stdregprov_reg_modification/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_persistence_recycle_bin/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_susp_reg_persist_explorer_run/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_cor_profiler/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regsvr32_uncommon_extension/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2014/exploits/cve-2014-6287/web_cve_2014_6287_hfs_rce/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_screenconnect_installation_cli_param/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_remote_access_tools_teamviewer_incoming_connection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_remote_access_tools_teamviewer_incoming_connection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_teamviewer_incoming_connection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_service_install_remote_access_software/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_remote_access_software/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_remote_registry_lateral_movement/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_atsvc_lateral_movement/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_itaskschedulerservice_lateral_movement/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_sasec_lateral_movement/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_atsvc_task/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_smb_converted_win_atsvc_task/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_delete/registry_delete_removal_com_hijacking_registry_key/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_vmnat/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_dctask64/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/microsoft_windows_software_restriction_policies/win_software_restriction_policies_block/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_lsa_disablerestrictedadmin/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_lsa_disable_restricted_admin/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/privileged_identity_management/azure_pim_role_frequent_activation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/privileged_identity_management/azure_pim_role_no_mfa_required/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/privileged_identity_management/azure_pim_role_not_used/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/privileged_identity_management/azure_pim_role_assigned_outside_of_pim/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_dsenableroot_enable_root_account/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_susp_rottenpotato/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_runonce_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_runonce_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_chrome_extension/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_system_process/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_curl_and_powershell_combo/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/taskscheduler/win_taskscheduler_execution_from_susp_locations/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/taskscheduler/win_taskscheduler_lolbin_execution_via_task_scheduler/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_reg_loader_encoded/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_reg_loader/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_at_command/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_system/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_folder_combos/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_scm_database_privileged_operation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sdclt_child_process/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_event_logging_disable_via_key_minint/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_create_minint_key/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_ssp_added_lsa_config/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security_mitigations/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/serpent-backdoor/proc_creation_win_malware_serpent_backdoor_payload_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/serpent-backdoor/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_creation_service_susp_folder/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_service_installation_by_unusal_client/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_sups_unusal_client/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_get_acl_service/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_setgid_setuid/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_setup16_custom_lst_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_conditional_access_failure/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_sign_ins_from_unknown_devices/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_sign_ins_from_noncompliant_devices/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/slingshot/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_sliver/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/small-sieve/proc_creation_win_malware_small_sieve_cli_arg/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/small-sieve/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/privileged_identity_management/azure_pim_account_stale/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_group_policy_startup_script_added_to_gpo/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/stonedrill/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/stonedrill/win_system_apt_stonedrill/ 2025-10-23T13:42:12+00:00 https://detection.fyi/tags/stp.2a/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_authentications_from_countries_you_do_not_operate_out_of/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_overpass_the_hash/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_autorun_registry_modified_via_wmic/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_child_process_as_system_/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-31324/proc_creation_win_sap_netweaver_susp_child_process/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-31324/proc_creation_lnx_sap_netweaver_susp_child_process/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_susp_pattern/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_susp_reset_computermachinepassword/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_kerberos_coercion_via_dns_object_spoofing/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_dns_kerberos_coercion_via_dns_object_spn_spoofing/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_get_variable/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_susp_grpconv/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_gup_suspicious_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_change/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_susp_ipfs_cred_harvest/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_outlook_susp_macro_creation/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_powershell_in_run_keys/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_susp_printer_driver/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-30406/proc_creation_win_exploit_cve_2025_30406_centrestack_portal_child_process/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/razerinstaller-lpe-exploit/proc_creation_win_exploit_other_razorinstaller_lpe/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_logon_explicit_credentials/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_susp_download_run_key/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_inline_vbs/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_creation_temp_folder/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_schedule_via_masqueraded_xml_file/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_guid_task_name/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_task_write/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_appdata_local_system/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_schedule_type_system/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_schedule_type/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_screensaver/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_creation_scr_binary_file/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_service_dacl_modification_set_service/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_shim_database_susp_application/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_risky_sign_ins_with_singlefactorauth_from_unknown_devices/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_startup_folder_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_thor_unsigned_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/solarwinds-supply-chain/proc_creation_win_apt_unc2452_vbscript_pattern/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_velociraptor_child_process/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_psservice/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_pssuspend_execution/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_sysmon_channel_reference_deletion/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/ta/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/taidoor-rat/proc_creation_win_apt_taidoor/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/taidoor-rat/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/taskscheduler/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_tap_added/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_delete/registry_delete_mstsc_history_cleared/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/privileged_identity_management/azure_pim_too_many_global_admins/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/linux/file_event/file_event_lnx_triple_cross_rootkit_persistence/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_win_trusted_path_bypass/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_trustedpath/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/turla/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/turla/win_system_apt_turla_service_png/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/turla/win_system_apt_carbonpaper_turla/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_hijacking_firwall_snap_in/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_office_trusted_location_uncommon/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_susp_outbound_kerberos_connection/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_userinit_uncommon_child_processes/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security_mitigations/win_security_mitigations_unsigned_dll_from_susp_location/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_mfdetours_unsigned/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_susp_clickonce_unsigned_module_loaded/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dns_susp_child_process/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_unusual_deletion_by_dns_exe/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_change/file_change_win_unusual_modification_by_dns_exe/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_legacy_authentication_protocols/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_user_login_blocked_by_conditional_access/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_dscl_add_user_to_admin_group/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_dseditgroup_add_to_admin_group/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_sysadminctl_add_user_to_admin_group/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_ad_user_added_to_admin_role/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_group_user_addition_ca_modification/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_add_user_privileged_group/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_user_added_to_local_administrators/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_add_user_local_admin_group/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_priviledged_role_assignment_add/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_add_user_remote_desktop_group/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_user_couldnt_call_priv_service_lsaregisterlogonprocess/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_group_user_removal_ca_modification/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_guest_to_member/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_ad_users_added_to_device_admin_roles/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_users_authenticating_to_other_azure_ad_tenants/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_vbs_payload_stored/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/driver_load/driver_load_win_vuln_drivers/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/driver_load/driver_load_win_vuln_drivers_names/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/driver_load/driver_load_win_vuln_hevd_driver/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/driver_load/driver_load_win_vuln_winring0_driver/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_disable_wdigest_credential_guard/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_wdigest_enable_uselogoncredential/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/driver_load/driver_load_win_windivert/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_windows_event_log_access/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_net_share_obj_susp_desktop_ini/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_windows_terminal_profile/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_winlogon_helper_dll/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_winlogon_notify_key/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/winnti/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/winnti/proc_creation_win_apt_winnti_mal_hk_jan20/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/winnti/proc_creation_win_apt_winnti_pipemon/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_winrar_file_creation_in_startup_folder/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmi_backdoor_exchange_transport_agent/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/wmi_event/sysmon_wmi_event_subscription/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_wmi_persistence_commandline_event_consumer/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_wmi_persistence_script_event_consumer_write/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_writing_local_admin_share/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_xwizard_execution_non_default_location/ 2025-10-23T13:42:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wsl_kali_linux_installation/ 2025-10-23T12:19:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wsl_kali_linux_usage/ 2025-10-23T12:19:38+00:00 https://detection.fyi/tags/attack.t1087.004/ 2025-10-23T11:48:06+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_sts_getcalleridentity_trufflehog/ 2025-10-23T11:48:06+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/smbserver/connectivity/ 2025-10-23T11:43:15+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/smbserver/ 2025-10-23T11:43:15+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/smbserver/connectivity/win_smbserver_connectivity_unsigned_and_unencrypted_share_connection/ 2025-10-23T11:43:15+00:00 https://detection.fyi/tags/attack.s0005/ 2025-10-23T03:22:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_wce/ 2025-10-23T03:22:48+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_set_alias/ 2025-10-23T03:13:09+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/ 2025-10-23T03:13:09+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_wsman_com_provider_no_powershell/ 2025-10-23T03:13:09+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_adobe_creative_cloud/ 2025-10-22T15:40:58+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_td/ 2025-10-22T15:40:54+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_delete_runmru/ 2025-10-22T12:46:35+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_bucket_deleted/ 2025-10-22T12:36:42+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_console_login_failed_authentication/ 2025-10-22T12:36:42+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_region_enabled/ 2025-10-22T12:36:42+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_vpc_flow_logs_deleted/ 2025-10-22T12:36:42+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_pua_trufflehog/ 2025-10-21T18:17:56+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_docusign_pdf_with_suspicious_links/ 2025-10-21T16:06:18+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_docusign_suspicious_links/ 2025-10-21T15:53:46+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_jwt_token_search/ 2025-10-21T06:31:24+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_ics_spoofed_with_attachment/ 2025-10-20T16:50:06+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_procdump_lsass/ 2025-10-20T13:27:28+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_local_system_owner_account_discovery/ 2025-10-20T03:23:28+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_download_patterns/ 2025-10-20T03:23:28+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_volume/ 2025-10-20T03:23:28+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_web_request_cmd_and_cmdlets/ 2025-10-20T03:23:28+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_web_request_cmd_and_cmdlets/ 2025-10-20T03:23:28+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_ntfs_short_name_path_use_image/ 2025-10-20T03:23:28+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-57791/proc_creation_win_exploit_cve_2025_57791/ 2025-10-20T03:07:44+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-57790/proc_creation_win_exploit_cve_2025_57790/ 2025-10-20T03:07:44+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-57790/ 2025-10-20T03:07:44+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-57791/ 2025-10-20T03:07:44+00:00 https://detection.fyi/tags/cve.2025-57790/ 2025-10-20T03:07:44+00:00 https://detection.fyi/tags/cve.2025-57791/ 2025-10-20T03:07:44+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_file_write_in_webapps_root/ 2025-10-20T03:07:44+00:00 https://detection.fyi/tags/attack.t1653/ 2025-10-20T02:39:44+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_systemctl_mask_power_settings/ 2025-10-20T02:39:44+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-10035/ 2025-10-20T02:31:29+00:00 https://detection.fyi/tags/cve.2025-10035/ 2025-10-20T02:31:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-10035/proc_creation_win_exploit_cve_2025_10035/ 2025-10-20T02:31:29+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/shai-hulud/proc_creation_lnx_mal_shai_hululd_exfiltration/ 2025-10-19T01:43:08+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-32463/ 2025-10-19T01:36:26+00:00 https://detection.fyi/tags/cve.2025-32463/ 2025-10-19T01:36:26+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_chroot_execution/ 2025-10-19T01:36:26+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-32463/file_event_lnx_exploit_cve_2025_32463/ 2025-10-19T01:36:26+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-23397/ 2025-10-18T02:08:56+00:00 https://detection.fyi/tags/cve.2023-23397/ 2025-10-18T02:08:56+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-23397/win_smbclient_connectivity_exploit_cve_2023_23397_outlook_remote_file/ 2025-10-18T02:08:56+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_susp_baaupdate_dll_load/ 2025-10-18T01:22:22+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_fw_rules_discovery/ 2025-10-18T01:22:22+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_baaupdate_susp_child_process/ 2025-10-18T01:22:22+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/lnx_auditd_susp_c2_commands/ 2025-10-18T01:22:22+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_ghostwriting/ 2025-10-17T21:28:40+00:00 https://detection.fyi/sublime-security/sublime-rules/html_bidi_rtl_override/ 2025-10-17T15:47:21+00:00 https://detection.fyi/sublime-security/sublime-rules/link_test_flight_freemail/ 2025-10-17T15:46:00+00:00 https://detection.fyi/elastic/detection-rules/promotions/crowdstrike_external_alerts/ 2025-10-17T15:31:13+00:00 https://detection.fyi/tags/data-source-elastic-security/ 2025-10-17T15:31:13+00:00 https://detection.fyi/tags/data-source-google-secops/ 2025-10-17T15:31:13+00:00 https://detection.fyi/tags/data-source-microsoft-sentinel/ 2025-10-17T15:31:13+00:00 https://detection.fyi/tags/data-source-splunk/ 2025-10-17T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/promotions/elastic_security_external_alerts/ 2025-10-17T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/promotions/google_secops_external_alerts/ 2025-10-17T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/promotions/microsoft_sentinel_external_alerts/ 2025-10-17T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_dollar_account_relay_kerberos/ 2025-10-17T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_dollar_account_relay_ntlm/ 2025-10-17T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/promotions/sentinelone_alert_external_alerts/ 2025-10-17T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/promotions/sentinelone_threat_external_alerts/ 2025-10-17T15:31:13+00:00 https://detection.fyi/elastic/detection-rules/promotions/splunk_external_alerts/ 2025-10-17T15:31:13+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_docusign_embedded_qr_code/ 2025-10-17T14:50:45+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_google_image_lure_qr_code/ 2025-10-17T14:50:45+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_microsoft_credential_theft/ 2025-10-17T14:50:45+00:00 https://detection.fyi/sublime-security/sublime-rules/body_callback_phishing_no_attachment/ 2025-10-17T14:50:45+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_invoice_fraud_30d_domains/ 2025-10-17T14:50:45+00:00 https://detection.fyi/sublime-security/sublime-rules/cc_infra_abuse/ 2025-10-17T14:50:45+00:00 https://detection.fyi/sublime-security/sublime-rules/qr_code_auto_download_suspicious_file/ 2025-10-17T14:50:45+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/impact_azure_compute_restore_point_collection_deleted/ 2025-10-17T14:49:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/impact_azure_compute_restore_point_collections_deleted/ 2025-10-17T14:49:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/impact_azure_storage_account_deletion/ 2025-10-17T14:26:00+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/impact_azure_storage_account_deletion_multiple/ 2025-10-17T14:26:00+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_reauthentication/ 2025-10-17T12:40:34+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_download_iex/ 2025-10-17T11:05:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winrar_uncommon_folder_execution/ 2025-10-17T10:27:59+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_cve_2025_32463_sudo_chroot_execution/ 2025-10-17T07:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_failed_logon_reasons/ 2025-10-17T02:27:25+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_alternate_powershell_hosts/ 2025-10-17T02:27:25+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_smb_file_creation_admin_shares/ 2025-10-17T02:27:25+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_susp_file_extension/ 2025-10-17T02:12:13+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_office_uncommon_ports/ 2025-10-17T02:12:13+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_office_outbound_non_local_ip/ 2025-10-17T02:12:13+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_raccess_sensitive_fext/ 2025-10-17T02:12:13+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_smb_converted_win_susp_raccess_sensitive_fext/ 2025-10-17T02:12:13+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_vssapi_susp_load/ 2025-10-17T02:12:13+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_wsman_provider_image_load/ 2025-10-17T02:12:13+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_crypto_giveaway/ 2025-10-16T18:32:06+00:00 https://detection.fyi/tags/data-source-entra-id-protection-logs/ 2025-10-16T18:29:28+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/initial_access_entra_id_protection_confirmed_compromise/ 2025-10-16T18:29:28+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/exfiltration_azure_storage_blob_download_azcopy_sas_token/ 2025-10-16T16:00:55+00:00 https://detection.fyi/tags/data-source-azure-storage/ 2025-10-16T16:00:55+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_square/ 2025-10-16T13:42:21+00:00 https://detection.fyi/sublime-security/sublime-rules/link_executable_suspicious/ 2025-10-16T13:29:02+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ssh_proxy_execution/ 2025-10-16T11:47:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dotnet_arbitrary_dll_csproj_execution/ 2025-10-16T00:33:18+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_docusign_image_lure_qr_code/ 2025-10-15T14:56:56+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_shein/ 2025-10-15T11:31:33+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_revshell_cmd_via_netcat/ 2025-10-15T11:30:09+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_aws/ 2025-10-10T18:11:02+00:00 https://detection.fyi/sublime-security/sublime-rules/link_file_share_suspicious_subject_match/ 2025-10-10T16:57:23+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_aquent/ 2025-10-09T21:33:45+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_powershell_alternate_host_pipe/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_amsi_suspicious_process/ 2025-10-09T11:03:39+00:00 https://detection.fyi/tags/attack.t1070.001/ 2025-10-09T11:03:39+00:00 https://detection.fyi/tags/attack.t1137.006/ 2025-10-09T11:03:39+00:00 https://detection.fyi/tags/attack.t1218.007/ 2025-10-09T11:03:39+00:00 https://detection.fyi/tags/attack.t1218.010/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_set_policies_to_unsecure_level/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_delete/registry_delete_defender_context_menu/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_fltmc_unload_driver/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_fw_delete_rule/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/firewall_as/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_lazagne/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_internet_explorer_disable_first_run_customize/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_new_kernel_driver/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_antivirus/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_autologger_sessions/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_dbgcore/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_dbghelp/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_jli/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_susp_pendingfilerenameoperations/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_office_vsto/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_user_driver_loaded/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_browser_launch_from_document_reader_process/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_appx_execution/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_system_management_automation_susp_load/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_mounted_share_deletion/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_powershell_module_uncommon_creation/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_sysnative/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_squirrel_proxy_execution/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_ps_script_policy_test_creation_by_uncommon_process/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_python_inline_command_execution/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_clear_eventlog/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msiexec_install_remote/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/firewall_as/win_firewall_as_add_rule/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_susp_unsigned_dll/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_shell_write_susp_files_extensions/ 2025-10-09T11:03:39+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_pnc_bank/ 2025-10-09T05:06:21+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_recruiting_impersonation/ 2025-10-07T18:32:41+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_reg_disable_enableglobalqueryblocklist/ 2025-10-07T15:40:23+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_reg_service_imagepath_mod/ 2025-10-07T15:40:23+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_services_registry/ 2025-10-07T15:40:23+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_delete_iis_access_logs/ 2025-10-07T08:56:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_iis_logs_deletion/ 2025-10-07T08:56:48+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_unusual_dns_service_file_writes/ 2025-10-06T16:09:14+00:00 https://detection.fyi/sublime-security/sublime-rules/appsheet_infra_abuse/ 2025-10-06T14:09:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/privilege_escalation_azure_rbac_administrator_roles_assigned/ 2025-10-06T13:38:56+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/collection_azure_storage_account_blob_public_access_enabled/ 2025-10-06T13:15:07+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_todo_list/ 2025-10-06T11:58:19+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_unusual_instance_metadata_service_api_request/ 2025-10-06T11:19:22+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_run_key_and_startup_broad/ 2025-10-06T08:24:33+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_finra/ 2025-10-03T22:46:59+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_google_looker_studio_report/ 2025-10-02T20:10:44+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_robert_half/ 2025-10-01T17:51:32+00:00 https://detection.fyi/sublime-security/sublime-rules/service_abuse_cisco_secure_email/ 2025-10-01T16:19:55+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_ics_file_non_rfc_compliant/ 2025-10-01T14:05:54+00:00 https://detection.fyi/tags/attack.t1036.002/ 2025-10-01T12:16:23+00:00 https://detection.fyi/tags/attack.t1218.014/ 2025-10-01T12:16:23+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mmc_rlo_abuse_pattern/ 2025-10-01T12:16:23+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_win_mmc_loads_script_engine_dll/ 2025-10-01T12:16:23+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_right_to_left_override/ 2025-10-01T12:16:23+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_right_to_left_override_extension_spoofing/ 2025-10-01T12:16:23+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_conhost_susp_winshell_child_process/ 2025-10-01T12:16:23+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_conhost_susp_child_process/ 2025-10-01T12:16:23+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_security_susp_node_js_execution/ 2025-10-01T10:18:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_inline_node_js_execution/ 2025-10-01T10:18:11+00:00 https://detection.fyi/tags/attack.t1595/ 2025-10-01T09:58:24+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_hello_world_user_agent/ 2025-10-01T09:58:24+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_susp_local_group_reco/ 2025-10-01T09:50:48+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_local_group_reco/ 2025-10-01T09:50:48+00:00 https://detection.fyi/tags/attack.t1027.002/ 2025-10-01T09:46:41+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_susp_python_image_load/ 2025-10-01T09:46:41+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/unc4841-barracuda-esg-zero-day-exploitation/file_event_lnx_apt_unc4841_file_indicators/ 2025-10-01T09:28:58+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/unc4841-barracuda-esg-zero-day-exploitation/ 2025-10-01T09:28:58+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_uninstall_defender_feature/ 2025-10-01T08:54:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_coercedpotato/ 2025-10-01T08:03:28+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_susp_shellexec_ordinal_execution/ 2025-10-01T08:03:28+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_tor_onion_domain_query/ 2025-10-01T08:00:15+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/dns_client/win_dns_client_tor_onion/ 2025-10-01T08:00:15+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_storage_account_key_regenerated/ 2025-09-30T19:51:50+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws_bedrock/aws_bedrock_multiple_attempts_to_use_denied_models_by_user/ 2025-09-30T04:36:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws_bedrock/aws_bedrock_guardrails_multiple_violations_by_single_user/ 2025-09-30T04:36:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws_bedrock/aws_bedrock_execution_without_guardrails/ 2025-09-30T04:36:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure_openai/azure_openai_insecure_output_handling_detection/ 2025-09-30T04:36:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure_openai/ 2025-09-30T04:36:29+00:00 https://detection.fyi/tags/data-source-azure-event-hubs/ 2025-09-30T04:36:29+00:00 https://detection.fyi/tags/data-source-azure-openai/ 2025-09-30T04:36:29+00:00 https://detection.fyi/tags/mitre-atlas-llm04/ 2025-09-30T04:36:29+00:00 https://detection.fyi/tags/mitre-atlas-t0015/ 2025-09-30T04:36:29+00:00 https://detection.fyi/tags/mitre-atlas-t0029/ 2025-09-30T04:36:29+00:00 https://detection.fyi/tags/mitre-atlas-t0034/ 2025-09-30T04:36:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session/ 2025-09-30T04:36:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash/ 2025-09-30T04:36:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations/ 2025-09-30T04:36:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws_bedrock/aws_bedrock_high_resource_consumption_detection/ 2025-09-30T04:36:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure_openai/azure_openai_model_theft_detection/ 2025-09-30T04:36:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure_openai/azure_openai_denial_of_ml_service_detection/ 2025-09-30T04:36:29+00:00 https://detection.fyi/tags/use-case-denial-of-service/ 2025-09-30T04:36:29+00:00 https://detection.fyi/tags/use-case-insecure-output-handling/ 2025-09-30T04:36:29+00:00 https://detection.fyi/tags/use-case-model-theft/ 2025-09-30T04:36:29+00:00 https://detection.fyi/tags/use-case-potential-overload/ 2025-09-30T04:36:29+00:00 https://detection.fyi/tags/use-case-resource-exhaustion/ 2025-09-30T04:36:29+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/credential_access_azure_storage_account_keys_accessed/ 2025-09-29T16:20:31+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_new_job_cold_outreach/ 2025-09-29T15:09:44+00:00 https://detection.fyi/sublime-security/sublime-rules/canva_suspicious_embedded_link/ 2025-09-29T14:49:39+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_stripe_notification/ 2025-09-26T14:26:51+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_recipient_in_javascript_identifiers/ 2025-09-25T16:11:26+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_ics_organizer_new_domain/ 2025-09-25T13:34:14+00:00 https://detection.fyi/sublime-security/sublime-rules/link_financial_pdf_to_free_file_host/ 2025-09-24T20:54:06+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_okta/ 2025-09-23T20:31:42+00:00 https://detection.fyi/sublime-security/sublime-rules/recipient_sld_html_class/ 2025-09-23T19:04:02+00:00 https://detection.fyi/sublime-security/sublime-rules/eml_attachment_unrelated_sharepoint_link/ 2025-09-23T18:45:21+00:00 https://detection.fyi/sublime-security/sublime-rules/eml_attachment_link_sharepoint_netorgft/ 2025-09-23T18:45:02+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_box_file_share/ 2025-09-23T14:32:32+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_callback_phish_via_text_file/ 2025-09-22T20:03:02+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_fake_attachment_image/ 2025-09-22T20:02:03+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_fake_scan_to_email/ 2025-09-22T20:02:03+00:00 https://detection.fyi/sublime-security/sublime-rules/link_coinbase_low_rep_or_shortened/ 2025-09-22T20:02:03+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_metamask/ 2025-09-22T20:02:03+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_ups/ 2025-09-22T20:02:03+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_vanguard/ 2025-09-22T20:02:03+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_zoom/ 2025-09-22T20:02:03+00:00 https://detection.fyi/sublime-security/sublime-rules/dropbox_credential_phishing_via_comment/ 2025-09-22T20:02:03+00:00 https://detection.fyi/tags/suspicious-content/ 2025-09-22T20:02:03+00:00 https://detection.fyi/sublime-security/sublime-rules/link_suspicious_message_unscannable_cloudflare/ 2025-09-22T20:02:03+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_dns_susp_tld/ 2025-09-22T12:43:10+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_regmod_remotemonologue/ 2025-09-22T12:43:10+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_ics_embedded_document/ 2025-09-22T12:11:02+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-24054/ 2025-09-22T10:55:51+00:00 https://detection.fyi/tags/cve.2025-24054/ 2025-09-22T10:55:51+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-24054/file_event_win_exploit_cve_2025_24054_library_ms/ 2025-09-22T10:55:51+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_console_history_file_access/ 2025-09-22T10:53:59+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_tacticalrmm_agent_registration_via_cli/ 2025-09-22T10:47:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regsvr32_susp_extensions/ 2025-09-22T10:18:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_service_tamper/ 2025-09-22T10:18:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vscode_tunnel_renamed_execution/ 2025-09-22T10:13:07+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vscode_tunnel_execution/ 2025-09-22T10:13:07+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_kerberos_key_distribution_center/win_system_kdcsvc_cert_use_no_strong_mapping/ 2025-09-22T09:50:48+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_kerberos_key_distribution_center/ 2025-09-22T09:50:48+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_kerberos_key_distribution_center/win_system_kdcsvc_tgs_no_suitable_encryption_key_found/ 2025-09-22T09:50:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_create_service/ 2025-09-22T09:46:48+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_notepad_plus_plus_persistence/ 2025-09-22T09:46:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_psexec_remote_execution/ 2025-09-22T09:46:48+00:00 https://detection.fyi/tags/attack.t1505.004/ 2025-09-22T09:41:37+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/iis-configuration/win_iis_logging_etw_disabled/ 2025-09-22T09:41:37+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/iis-configuration/win_iis_logging_http_disabled/ 2025-09-22T09:41:37+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/iis-configuration/ 2025-09-22T09:41:37+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/iis-configuration/win_iis_module_added/ 2025-09-22T09:41:37+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/iis-configuration/win_iis_module_removed/ 2025-09-22T09:41:37+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_digital_ocean/ 2025-09-18T20:17:47+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_godaddy/ 2025-09-17T20:56:48+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_sus_pdf_chrome/ 2025-09-17T12:57:17+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_xlsx_sus_exif_titleofparts/ 2025-09-16T13:43:42+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_via_xp_cmdshell_mssql_stored_procedure/ 2025-09-15T16:38:03+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_lsass_memdump_handle_access/ 2025-09-15T16:38:03+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_dcsync_replication_rights/ 2025-09-15T16:38:03+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_uac_bypass_event_viewer/ 2025-09-15T16:29:37+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_exploit_cve_202238028/ 2025-09-15T16:29:37+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_rogue_windir_environment_var/ 2025-09-15T16:29:37+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_windows_service_via_unusual_client/ 2025-09-15T16:29:37+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_priv_escalation_via_accessibility_features/ 2025-09-15T16:18:55+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_evasion_rdp_shadowing/ 2025-09-15T16:18:55+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_execution_from_inetcache/ 2025-09-15T16:18:55+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_evasion_registry_startup_shell_folder_modified/ 2025-09-15T16:18:55+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_unusual_dns_service_children/ 2025-09-15T16:18:55+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_clearing_windows_event_logs/ 2025-09-15T16:06:23+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_disabling_windows_logs/ 2025-09-15T16:06:23+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_disabling_windows_defender_powershell/ 2025-09-15T16:06:23+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_suspicious_ms_exchange_worker_child_process/ 2025-09-15T16:06:23+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_webshell_screenconnect_server/ 2025-09-15T16:06:23+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_defender_exclusion_via_powershell/ 2025-09-15T16:06:23+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_powershell_windows_firewall_disabled/ 2025-09-15T16:06:23+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_via_mmc_console_file_unusual_path/ 2025-09-15T15:34:43+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_host_public_ip_address_lookup/ 2025-09-15T15:34:43+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_iis_httplogging_disabled/ 2025-09-15T14:53:31+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_execution_windefend_unusual_path/ 2025-09-15T14:53:31+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_proxy_execution_via_msdt/ 2025-09-15T14:53:31+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_unusual_system_vp_child_program/ 2025-09-15T14:53:31+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_initial_access_via_msc_file/ 2025-09-15T14:53:31+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_mod_wdigest_security_provider/ 2025-09-15T14:44:20+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_outlook_home_page/ 2025-09-15T14:44:20+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_cmdline_dump_tool/ 2025-09-15T14:44:20+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_execution_suspicious_explorer_winword/ 2025-09-15T14:44:20+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_headless_browser/ 2025-09-15T14:44:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/lateral_movement_sns_topic_message_publish_by_rare_user/ 2025-09-11T21:25:04+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_dynamodb_scan_by_unusual_user/ 2025-09-11T20:59:39+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_dynamodb_table_exported_to_s3/ 2025-09-11T20:59:39+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_squarespace/ 2025-09-11T20:33:22+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications/ 2025-09-11T20:24:09+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications/ 2025-09-11T20:24:09+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/lateral_movement_aws_ssm_start_session_to_ec2_instance/ 2025-09-11T19:54:31+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_ec2_route_table_modified_or_deleted/ 2025-09-11T19:35:16+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/persistence_iam_create_user_via_assumed_role_on_ec2_instance/ 2025-09-11T19:11:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/azure/persistence_entra_id_mfa_disabled_for_user/ 2025-09-09T18:19:13+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation/ 2025-09-09T18:19:13+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy/ 2025-09-09T18:19:13+00:00 https://detection.fyi/sublime-security/sublime-rules/bec_student_loan_callback_scam/ 2025-09-05T14:01:05+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_sumup/ 2025-09-05T14:01:05+00:00 https://detection.fyi/sublime-security/sublime-rules/venmo_payment_abuse/ 2025-09-05T14:01:05+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_untrusted_driver_loaded/ 2025-09-05T13:12:30+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multistage_buildin_ai/ 2025-09-05T12:35:46+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_base64_encoded_bash_command_in_filename/ 2025-09-04T23:51:12+00:00 https://detection.fyi/sublime-security/sublime-rules/malformed_url_prefix/ 2025-09-04T12:12:21+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_cross_site_scripting_in_sub/ 2025-09-04T07:26:35+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_binance/ 2025-09-03T20:06:03+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_schwab/ 2025-09-03T19:47:57+00:00 https://detection.fyi/sublime-security/sublime-rules/fictitious_invoice_using_linkedin_address/ 2025-09-03T13:19:21+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_modify_ownership_os_files/ 2025-09-02T15:18:35+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_network_connection_from_windows_binary/ 2025-09-01T16:47:53+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_shared_modules_local_sxs_dll/ 2025-09-01T16:30:21+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_rdp_file_mail_attachment/ 2025-09-01T16:30:21+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_suspicious_psexesvc/ 2025-09-01T16:30:21+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_windows_cmd_shell_susp_args/ 2025-09-01T16:30:21+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_ad_explorer_execution/ 2025-09-01T15:58:22+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_appinitdlls_registry/ 2025-09-01T15:25:52+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_printspooler_registry_copyfiles/ 2025-09-01T15:25:52+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_unusual_network_connection_via_dllhost/ 2025-09-01T15:25:52+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_unusual_network_connection_via_rundll32/ 2025-09-01T15:25:52+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_uac_bypass_dll_sideloading/ 2025-09-01T15:12:42+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_browsers_unusual_parent/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_msiexec_child_proc_netcon/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_rmm_netsupport_susp_path/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_windows_phish_clickfix/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_windows_fakecaptcha_cmd_ps/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_remcos_rat_iocs/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_indirect_exec_conhost/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_indirect_exec_openssh/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_masquerading_renamed_autoit/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_script_via_html_app/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_scripting_remote_webdav/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_nodejs_susp_patterns/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_mshta_susp_child/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_scripts_archive_file/ 2025-09-01T14:41:51+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_wsl_kalilinux/ 2025-09-01T12:31:12+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_com_object_xwizard/ 2025-09-01T12:31:12+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_lolbas_win_cdb_utility/ 2025-09-01T12:31:12+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_suspicious_ms_exchange_process/ 2025-09-01T12:31:12+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_workfolders_control_execution/ 2025-09-01T12:31:12+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_uac_bypass_diskcleanup_hijack/ 2025-09-01T12:31:12+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_attendee_list_solicitation/ 2025-08-29T08:49:14+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_execution_tmp_folder/ 2025-08-29T08:34:46+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_netsh_helper_dll/ 2025-08-28T20:28:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_msoffice_startup_registry/ 2025-08-28T20:28:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_ms_office_addins_file/ 2025-08-28T20:28:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_ms_outlook_vba_template/ 2025-08-28T20:28:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_powershell_profiles/ 2025-08-28T20:28:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_disable_uac_registry/ 2025-08-28T20:07:38+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_unquoted_service_path/ 2025-08-28T20:07:38+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_werfault_reflectdebugger/ 2025-08-28T20:07:38+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_via_lsa_security_support_provider_registry/ 2025-08-28T19:50:59+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_via_hidden_run_key_valuename/ 2025-08-28T19:50:59+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_time_provider_mod/ 2025-08-28T19:50:59+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_suspicious_service_created_registry/ 2025-08-28T19:50:59+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_evasion_hidden_local_account_creation/ 2025-08-28T19:40:03+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_evasion_registry_ifeo_injection/ 2025-08-28T19:40:03+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_app_compat_shim/ 2025-08-28T19:40:03+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_appcertdlls_registry/ 2025-08-28T19:40:03+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_powershell_remoting_target/ 2025-08-28T19:28:49+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_incoming_winrm_shell_execution/ 2025-08-28T19:28:49+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_defense_evasion_lanman_nullsessionpipe_modification/ 2025-08-28T19:28:49+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_rdp_enabled_registry/ 2025-08-28T19:28:49+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_html_help_executable_program_connecting_to_the_internet/ 2025-08-28T19:15:25+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_psexec_lateral_movement_command/ 2025-08-28T19:15:25+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_wsl_registry_modification/ 2025-08-28T19:15:25+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_via_filter_manager/ 2025-08-28T19:04:55+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_system_critical_proc_abnormal_file_activity/ 2025-08-28T19:04:55+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_unusual_process_network_connection/ 2025-08-28T19:04:55+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_wdac_policy_by_unusual_process/ 2025-08-28T19:04:55+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_sdelete_like_filename_rename/ 2025-08-28T18:51:45+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_sip_provider_mod/ 2025-08-28T18:51:45+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_solarwinds_backdoor_service_disabled_via_registry/ 2025-08-28T18:51:45+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_scheduledjobs_at_protocol_enabled/ 2025-08-28T18:37:15+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_rundll32_no_arguments/ 2025-08-28T18:37:15+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_ms_office_suspicious_regmod/ 2025-08-28T18:26:09+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_mshta_beacon/ 2025-08-28T18:26:09+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_msxsl_network/ 2025-08-28T18:26:09+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_misc_lolbin_connecting_to_the_internet/ 2025-08-28T18:26:09+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_ntlm_downgrade/ 2025-08-28T18:26:09+00:00 https://detection.fyi/tags/attack.t1218.008/ 2025-08-28T18:11:57+00:00 https://detection.fyi/tags/attack.t1572/ 2025-08-28T18:11:57+00:00 https://detection.fyi/tags/car.2013-07-001/ 2025-08-28T18:11:57+00:00 https://detection.fyi/tags/car.2013-09-005/ 2025-08-28T18:11:57+00:00 https://detection.fyi/tags/car.2016-03-001/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_esentutl_sensitive_file_copy/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_curl_download_exec_combo/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_diskshadow_script_mode_susp_location/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_diskshadow_script_mode_susp_ext/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msiexec_dll/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_whoami_all_execution/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_esentutl_webcache/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_del_execution/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_forfiles_proxy_execution_/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_iis_appcmd_susp_module_install/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_findstr_subfolder_search/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_livekd_kernel_memory_dump/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_tasklist_module_enumeration/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_unregmp2/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msiexec_install_quiet/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mstsc_remote_connection/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ssh_port_forward/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msdt_arbitrary_command_execution/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ftp_arbitrary_command_execution/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_eula_accepted/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_susp_psexec_paexec_flags/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regsvr32_flags_anomaly/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_expand_cabinet_files/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_ping_copy_combined_execution/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rdrleakdiag_process_dumping/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_psexec_paexec_escalate_system/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/qakbot/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/qakbot/proc_creation_win_malware_qakbot_regsvr32_calc_pattern/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/raspberry-robin/proc_creation_win_malware_raspberry_robin_external_drive_exec/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/raspberry-robin/proc_creation_win_malware_raspberry_robin_execution/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/raspberry-robin/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lodctr_performance_counter_tampering/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_findstr_download/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_sysinternals_procdump/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_replace/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_odbcconf_response_file/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_iexpress_susp_execution/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msdt_susp_cab_options/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certoc_load_dll_susp_locations/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msiexec_execute_dll/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_ping_del_combined_execution/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_odbcconf_response_file_susp/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_susp_service_installation_script/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_psloglist/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_sysmon_config_update/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_sysmon_uninstall/ 2025-08-28T18:11:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reagentc_disable_windows_recovery_environment/ 2025-08-28T18:11:57+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_microsoft_defender_tampering/ 2025-08-28T18:05:42+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_file_creation_mult_extension/ 2025-08-28T17:55:21+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_installutil_beacon/ 2025-08-28T17:55:21+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_code_signing_policy_modification_registry/ 2025-08-28T17:40:34+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_dns_over_https_enabled/ 2025-08-28T17:40:34+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_execution_msbuild_started_renamed/ 2025-08-28T17:40:34+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_disable_nla/ 2025-08-28T17:40:34+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_tool_transfer_via_curl/ 2025-08-28T17:20:13+00:00 https://detection.fyi/elastic/detection-rules/windows/impact_backup_file_deletion/ 2025-08-28T17:20:13+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_mimikatz_memssp_default_logs/ 2025-08-28T13:43:09+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_amsienable_key_mod/ 2025-08-28T13:43:09+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_port_forwarding_added_registry/ 2025-08-28T13:43:09+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_amsi_bypass_dllhijack/ 2025-08-28T13:43:09+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/discovery_new_terms_sts_getcalleridentity/ 2025-08-25T15:44:58+00:00 https://detection.fyi/sublime-security/sublime-rules/unicode_qr_code/ 2025-08-25T13:41:31+00:00 https://detection.fyi/sublime-security/sublime-rules/link_romance_suspicious/ 2025-08-22T14:52:47+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multistage_freshdesk/ 2025-08-21T11:55:34+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multistage_trello/ 2025-08-20T21:55:26+00:00 https://detection.fyi/sublime-security/sublime-rules/link_myactivecampaign_abuse/ 2025-08-20T21:40:01+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_via_timetrade/ 2025-08-20T21:09:55+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_eml_with_html_attachment/ 2025-08-20T21:09:04+00:00 https://detection.fyi/sublime-security/sublime-rules/link_limewire_direct/ 2025-08-18T15:33:38+00:00 https://detection.fyi/sublime-security/sublime-rules/vip_impersonation_subject/ 2025-08-14T22:30:34+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_adexplorer_execution/ 2025-08-14T12:29:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_sysinternals_adexplorer_dump_written/ 2025-08-14T12:29:11+00:00 https://detection.fyi/tags/attack.ds0005/ 2025-08-14T12:29:11+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_create_volume_shadow_copy/ 2025-08-14T12:29:11+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_reflectdebugger/ 2025-08-14T12:29:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_adexplorer_susp_execution/ 2025-08-14T12:29:11+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_windows_defender_tamper/ 2025-08-14T12:29:11+00:00 https://detection.fyi/tags/attack.t1114.003/ 2025-08-14T12:08:21+00:00 https://detection.fyi/tags/attack.t1484.002/ 2025-08-14T12:08:21+00:00 https://detection.fyi/tags/attack.t1562.007/ 2025-08-14T12:08:21+00:00 https://detection.fyi/tags/attack.t1580/ 2025-08-14T12:08:21+00:00 https://detection.fyi/tags/attack.t1619/ 2025-08-14T12:08:21+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_disable_logging/ 2025-08-14T12:08:21+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_config_disable_recording/ 2025-08-14T12:08:21+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_cloudflared_communication/ 2025-08-14T12:08:21+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/audit/microsoft365_disabling_mfa/ 2025-08-14T12:08:21+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_devtunnels_communication/ 2025-08-14T12:08:21+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/audit/microsoft365_new_federated_domain_added_audit/ 2025-08-14T12:08:21+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_new_acl_entries/ 2025-08-14T12:08:21+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_new_route_added/ 2025-08-14T12:08:21+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_enum_buckets/ 2025-08-14T12:08:21+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_inbox_forwarding_rule/ 2025-08-14T12:08:21+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_btunnels/ 2025-08-14T12:05:46+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_meshagent_exec/ 2025-08-14T12:05:46+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_create_mod_root_certificate/ 2025-08-13T12:41:57+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_masquerading_werfault/ 2025-08-13T11:46:46+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_unusual_dir_ads/ 2025-08-13T11:46:46+00:00 https://detection.fyi/sublime-security/sublime-rules/vip_impersonation_local_part/ 2025-08-12T18:16:02+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_eml_svg_js/ 2025-08-08T15:08:48+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_svg_file_execution/ 2025-08-08T15:08:48+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_svg_evasion/ 2025-08-08T15:08:48+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_web_suspicious_comments/ 2025-08-08T15:08:48+00:00 https://detection.fyi/sublime-security/sublime-rules/link_credential_phishing_suspicious_sender_tld_and_signals/ 2025-08-07T19:02:40+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws_bedrock/aws_bedrock_multiple_validation_exception_errors_by_single_user/ 2025-08-05T23:35:41+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/credential_access_entra_signin_brute_force_microsoft_365_repeat_source/ 2025-08-05T23:35:41+00:00 https://detection.fyi/tags/mitre-atlas-t0046/ 2025-08-05T23:35:41+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_potential_widespread_malware_infection/ 2025-08-05T23:35:41+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_anonymousfox/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_callback_phish_with_pdf/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_malicious_creator_juliep/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_docx_embedded_binary/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_double_encoded_zip/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_eicar/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_fake_vm_pdf/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_filename_containing_unicode_braille_pattern_blank_character/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_location/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_emoji_map/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_javascript_http/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_open_redirect_doubleclick/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_msi_installer/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_powershell_content/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_rdp_connection_file/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_soda_pdf_encrypt/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_sus_ta4903_usda/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/bec_fraud_penpal_scam/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/bec_fraud_scam_lure_out_of_band_pivot/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_aliexpress/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_siriusxm/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_trust_wallet/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_wetransfer/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_catbox/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_hyperlinked_image_to_free_file_host/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_docusign_via_cloudhq/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_docusign_via_spoof_intuit/ 2025-08-05T02:03:41+00:00 https://detection.fyi/tags/eicar/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_employee_payroll_fraud/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_encrypted_msft_office_files/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_extortion/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/bec_fraudulent_etailer/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/sender_freemail_replyto_different_freemail/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/generic_service_abuse_reply_to/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_chrome_web_store_policy/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_dl_unsolicited/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_chatbot_page_abuse/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_undisclosed_recipients_credphish/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_russian_traversed_credential_phishing/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_wordpress_credphish/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_gammaapp_present/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_keap_contact_us/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_zoom_docs_direct/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_powrio_form/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multistage_frame_io/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multistage_docusign/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multistage_google_drive/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_ludus_presentation_cred_theft/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_published_google_doc/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_userinfo_excessive_padding/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_referrer_anon_services/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_scribd_fullscreen/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_squarespace_abuse/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_sharepoint_folder_file/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_sharepoint_sender_display_name/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_webflow_unsolicited/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_zoho_forms_unsolicited/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/free_file_share_with_mismatched_links/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/asr_new_sender_or_reply_to_with_new_linked_dom/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_adnxs/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_bananaguide/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_bangkoksync/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_bitrix24/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_chkc/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_k-mil/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_linkedin_redirect/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_museepicassoparis/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_nowlifestyle/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_pirlsandiego/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_plasticsurgery/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_predictiveresponse/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_samsung/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_didatravel/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_bigpress/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_ssg-financial/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_tuttocauzioni/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_weblinkconnect/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_xfinity_cmp/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_adobe_sign_unsolicited_reply-to/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_docusign_sus_names/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_dropbox_unsolicited_reply-to/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_google_account_notification/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_google_drive_unsolicited_reply-to/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/abuse_hellosign_unsolicited_sender/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_item_giveaway/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_explicit_google_drive_share/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/wordpress_abuse_cross_site_scripting/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_attachment_duplicate_decoy_pdf_attachments/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/docusign_new_sender_domain/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_sharepoint_file_shared/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/sender_long_local_part/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/govdelivery_compromise/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_x_with_credphish_nlu/ 2025-08-05T02:03:41+00:00 https://detection.fyi/sublime-security/sublime-rules/link_qr_code_in_img_or_pdf_with_phishing_disposition/ 2025-07-30T18:40:11+00:00 https://detection.fyi/sublime-security/sublime-rules/link_qr_code_suspicious_language_fts/ 2025-07-30T18:39:27+00:00 https://detection.fyi/sublime-security/sublime-rules/link_onion/ 2025-07-30T16:30:52+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_mega_nz/ 2025-07-30T12:30:55+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_dropbox_api/ 2025-07-30T12:30:04+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_vscode_tunnel_connection/ 2025-07-30T11:17:17+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_cloudflared_communication/ 2025-07-30T11:08:43+00:00 https://detection.fyi/tags/attack.t1102/ 2025-07-30T11:06:56+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_ngrok/ 2025-07-30T11:06:56+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_devtunnels/ 2025-07-30T11:05:31+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_telegram_api_non_browser_access/ 2025-07-30T10:59:41+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_double_extension/ 2025-07-29T08:30:55+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_outlook_susp_file_creation_in_temp_dir/ 2025-07-29T08:30:55+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-53770/ 2025-07-28T12:22:06+00:00 https://detection.fyi/tags/cve.2025-53770/ 2025-07-28T12:22:06+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-53770/file_event_win_exploit_cve_2025_53770/ 2025-07-28T12:22:06+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_filewrite_in_sharepoint_layouts_dir/ 2025-07-28T12:22:06+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_invoke_webrequest_useragent/ 2025-07-28T11:32:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_obfuscated_ip_download/ 2025-07-28T11:32:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_download_dll/ 2025-07-28T11:32:57+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_script_with_upload_capabilities/ 2025-07-28T11:32:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_invoke_webrequest_download/ 2025-07-28T11:32:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_invoke_webrequest_direct_ip/ 2025-07-28T11:32:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_disable_defender_wmi_autologger/ 2025-07-28T11:25:23+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_defender_default_action_modified/ 2025-07-28T11:25:23+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_defender_remove_context_menu/ 2025-07-28T11:25:23+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_defender_threat_action_modified/ 2025-07-28T11:25:23+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_rtf_file_with_suspicious_link/ 2025-07-23T15:44:43+00:00 https://detection.fyi/sublime-security/sublime-rules/link_multistage_adobe_express/ 2025-07-23T15:44:43+00:00 https://detection.fyi/sublime-security/sublime-rules/link_quickbooks_image_lure_suspicious_link/ 2025-07-23T15:44:43+00:00 https://detection.fyi/sublime-security/sublime-rules/spoofable_internal_domain_suspicious_signals/ 2025-07-23T15:44:43+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-53770/proc_creation_win_exploit_cve_2025_53770_indicators/ 2025-07-21T09:34:26+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-53770/web_win_iis_exploit_cve_2025_53770/ 2025-07-21T09:34:26+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/exfiltration_ec2_ami_shared_with_separate_account/ 2025-07-21T04:42:13+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/exfiltration_ec2_snapshot_change_activity/ 2025-07-18T23:35:35+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/execution_ssm_sendcommand_by_rare_user/ 2025-07-18T23:15:36+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_vpc_security_group_ingress_rule_added_for_remote_connections/ 2025-07-18T23:15:36+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_linking_to_password_protected_file/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_with_encrypted_zip_unsolicited/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_with_suspicious_author_unsolicited/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_with_unknown_encrypted_zip_unsolicited/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_ics_open_redirect/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_dropbox_image_suspicious_links/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_eml_cred_theft/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_emotet_heavily_padded_doc_in_zip/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_microsoft_pdf_link/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_dashlane/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_dotloop/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_microsoft_quarantine_release_in_body/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_microsoft_quarantine_image/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_ripple/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_spotify/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_stellar/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/body_business_email_compromise_unsolicited/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/francais_business_email_compromise_new_sender/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_bec_masked_recipients_no_links_freemail_replyto/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/callback_phishing_google_group/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_credential_phishing_intent_and_other_indicators_2/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_credential_phishing/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/credential_phishing_email_delivery_failure_impersonation/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_suspicious_language_undisclosed_recipients/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_cyrillic_substitutions_unsolicited/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_recipient_domain_display_name_subject/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_google_drive_direct_download_unsolicited/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_human_resources/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/inline_image_as_message/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_download_dmg_in_archive/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_download_dmg_in_encrypted_zip/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_html_smuggling_with_adobe_branding/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_deactivated_bitly/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_gcal_invite_open_redirect/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_sharepoint_netorgft/ 2025-07-16T17:20:00+00:00 https://detection.fyi/tags/malfam-atomicstealer/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_malwarebazaar_hash_in_archive/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/mass_campaign_xss/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_notion_file_share/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/recruitee_infra_abuse/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_blob_core_from_new_dom/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_new_domain_emojis/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_single_malformed_pdf_romance/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/asr_suspicious_mailer_gmail/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/link_suspicious_message_unscannable_vercel/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_sender_display_name_procedurally_generated_blob/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/infrastructure_abuse_ts/ 2025-07-16T17:20:00+00:00 https://detection.fyi/sublime-security/sublime-rules/infrastructure_abuse_tco/ 2025-07-16T17:20:00+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/impact_virtual_network_device_modified/ 2025-07-14T19:58:11+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_vss_ps_susp_load/ 2025-07-14T10:04:39+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_transf_files_with_cred_data_via_network_shares/ 2025-07-14T10:04:39+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_zone_identifier_ads_uncommon/ 2025-07-08T08:29:01+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-41120/ 2025-07-08T08:29:01+00:00 https://detection.fyi/tags/cve.2022-41120/ 2025-07-08T08:29:01+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/ldap/ 2025-07-08T08:29:01+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/ldap/win_ldap_recon/ 2025-07-08T08:29:01+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_powershell_drop_binary_or_script/ 2025-07-08T08:29:01+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/create_remote_thread_win_susp_uncommon_source_image/ 2025-07-08T08:29:01+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/create_remote_thread_win_susp_uncommon_target_image/ 2025-07-08T08:29:01+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-41120/proc_creation_win_exploit_cve_2022_41120_sysmon_eop/ 2025-07-08T08:29:01+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_run_virt_windowssandbox/ 2025-07-07T18:55:42+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/persistence_attempt_to_create_okta_api_token/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/impact_okta_attempt_to_delete_okta_application/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/impact_okta_attempt_to_modify_okta_application/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/impact_attempt_to_revoke_okta_api_token/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/endpoint/elastic_endpoint_security_behavior_detected/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/endpoint/elastic_endpoint_security_behavior_prevented/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/endpoint/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_linux_high_median_process_command_line_entropy_by_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/endpoint/execution_elastic_malicious_file_detected/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/endpoint/execution_elastic_malicious_file_prevented/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/endpoint/defense_evasion_elastic_memory_threat_detected/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/endpoint/defense_evasion_elastic_memory_threat_prevented/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/persistence_new_idp_successfully_added_by_admin/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/initial_access_okta_fastpass_phishing/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/okta_threatinsight_threat_suspected_promotion/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/credential_access_user_impersonation_access/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/impact_possible_okta_dos_attack/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_sudo_token_via_process_injection/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/endpoint/impact_elastic_ransomware_detected/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/endpoint/impact_elastic_ransomware_prevented/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_okta_spike_in_group_application_assignment_changes/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_okta_spike_in_group_lifecycle_changes/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_windows_high_count_group_management_events/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_okta_spike_in_group_membership_changes/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_okta_spike_in_group_privilege_changes/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_linux_high_count_privileged_process_events_by_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_windows_high_count_special_logon_events/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_windows_high_count_special_privilege_use_events/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_windows_high_count_user_account_management_events/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_okta_spike_in_user_lifecycle_management_changes/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_windows_rare_group_name_by_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_okta_rare_host_name_by_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_windows_rare_device_by_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_windows_rare_privilege_assigned_to_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_linux_rare_process_executed_by_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_okta_rare_region_name_by_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_windows_rare_region_name_by_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_okta_rare_source_ip_by_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_windows_rare_source_ip_by_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/pad/privileged_access_ml_okta_high_sum_concurrent_sessions_by_user/ 2025-07-07T15:27:48+00:00 https://detection.fyi/tags/use-case-privileged-access-detection/ 2025-07-07T15:27:48+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_adding_the_hidden_file_attribute_with_via_attribexe/ 2025-07-07T13:32:12+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_masquerading_as_elastic_endpoint_process/ 2025-07-07T13:32:12+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_moving_registry_hive_via_smb/ 2025-07-07T13:32:12+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_kerberos_asrep_roasting/ 2025-07-07T08:25:39+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vshadow_exec/ 2025-07-03T09:57:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_doppelganger/ 2025-07-03T09:55:58+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_devdrv_disallow_antivirus_filter/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_bad_opsec_sacrificial_processes/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_capsh_shell_invocation/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bcp_export_data/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_hdiutil_create/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_hdiutil_mount/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/dns_client/win_dns_client_put_io/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_hvci_disallowed_images/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/emotet/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/emotet/proc_creation_win_malware_emotet_loader_execution/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/socgholish/proc_creation_win_malware_socgholish_fakeupdates_activity/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharpwsus_wsuspendu_execution/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_chflags_hidden_flag/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_python_shell_os_system/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_user_account_mfa_disable/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_udl_exec/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_delete_own_image/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_gcc_shell_execution/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_find_shell_execution/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_flock_shell_execution/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_git_shell_execution/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_nice_shell_execution/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_env_shell_invocation/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_ssh_shell_execution/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/socgholish/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wermgr_susp_child_process/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_awk_shell_spawn/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_update_risk_and_mfa_registration_policy/ 2025-07-01T08:34:38+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wusa_susp_parent_execution/ 2025-07-01T08:34:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/execution_ssm_command_document_created_by_rare_user/ 2025-06-27T17:24:27+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/multiple_alerts_different_tactics_host/ 2025-06-27T12:53:42+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_etc_file_creation/ 2025-06-27T08:14:53+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_curl_wget_exec_tmp/ 2025-06-25T10:48:57+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_comobject_msi_remote/ 2025-06-25T09:44:02+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_newcreds_logon_rare_process/ 2025-06-24T15:25:56+00:00 https://detection.fyi/elastic/detection-rules/integrations/kubernetes/persistence_exposed_service_created_with_type_nodeport/ 2025-06-24T12:11:31+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_remote_access_tools_meshagent_arguments/ 2025-06-24T09:19:53+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_meshagent_arguments/ 2025-06-24T09:19:53+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_remote_access_tools_renamed_meshagent_execution/ 2025-06-24T09:19:53+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_renamed_meshagent_execution/ 2025-06-24T09:19:53+00:00 https://detection.fyi/elastic/detection-rules/windows/impact_stop_process_service_threshold/ 2025-06-18T04:14:09+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_kerberos_coerce_dns/ 2025-06-17T21:50:28+00:00 https://detection.fyi/sigmahq/sigma/category/antivirus/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/category/antivirus/av_exploiting/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/msiinstaller/win_software_atera_rmm_agent_install/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/category/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/csharp-streamer/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_domain_azurewebsites/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_remote_access_software_domains_non_browsers/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_gotoopener_artefact/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_hktl_inveigh_artefacts/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_hktl_krbrelay_remote_ioc/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_tsclient_filewrite_startup/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_install_teamviewer_desktop/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_mesh_agent/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/msiinstaller/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mstsc_run_local_rdp_file/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ssm_agent_abuse/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/csharp-streamer/image_load_malware_csharp_streamer_dotnet_load/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_ssm_agent_abuse/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/dns_query_win_malware_socgholish_second_stage_c2/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_quickassist_execution/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_anydesk/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_anydesk_susp_exec/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_remote_access_tools_anydesk_incoming_connection/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_anydesk_piped_password_via_cli/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_gotoopener/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_logmein/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_netsupport/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_screenconnect/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_screenconnect_remote_execution_susp/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_simple_help/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_ultraviewer/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_remote_access_tools_screenconnect_artefact/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_anydesk_writing_susp_binaries/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mstsc_run_local_rdp_file_susp_location/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_tscon_localsystem/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_tacticalrmm/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_teamviewer_domain_query_by_uncommon_app/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_teamviewer_remote_session/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ultravnc/ 2025-06-13T08:00:52+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_turbotax/ 2025-06-12T18:26:52+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_downloaded_url_file/ 2025-06-12T11:11:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharpsuccessor_execution/ 2025-06-12T10:51:36+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_common_malware_hosting_services/ 2025-06-12T10:31:03+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/apt40/ 2025-06-12T08:21:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/apt40/proxy_apt_apt40_dropbox_tool_ua/ 2025-06-12T08:21:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/chafer/ 2025-06-12T08:21:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/chafer/proxy_malware_chafer_url_pattern/ 2025-06-12T08:21:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/comrat/ 2025-06-12T08:21:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/comrat/proxy_malware_comrat_network_indicators/ 2025-06-12T08:21:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-1048/ 2025-06-12T08:21:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-1048/registry_set_exploit_cve_2020_1048_new_printer_port/ 2025-06-12T08:21:24+00:00 https://detection.fyi/tags/cve.2020-1048/ 2025-06-12T08:21:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/ursnif/proxy_malware_ursnif_c2_url/ 2025-06-12T08:21:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/ursnif/proxy_malware_ursnif_download_url/ 2025-06-12T08:21:24+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_url_cve_2025_33053/ 2025-06-12T07:08:20+00:00 https://detection.fyi/tags/cve.2020-1599/ 2025-06-11T09:30:31+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mshta_susp_execution/ 2025-06-11T09:30:31+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-31324/web_lnx_exploit_cve_2025_31324_sap_netviewer_webshell_uploaded/ 2025-06-11T09:28:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-31324/web_lnx_exploit_cve_2025_31324_sap_netviewer_webshell/ 2025-06-11T09:28:24+00:00 https://detection.fyi/tags/attack.t1218.009/ 2025-06-11T09:23:15+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regasm_no_flag_or_dll_execution/ 2025-06-11T09:23:15+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/mssqlserver/win_mssql_destructive_query/ 2025-06-11T09:08:41+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/mssqlserver/ 2025-06-11T09:08:41+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_unusual_parentchild_relationship/ 2025-06-09T17:58:55+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/credential_access_aws_getpassword_for_ec2_instance/ 2025-06-06T19:08:48+00:00 https://detection.fyi/elastic/detection-rules/integrations/aws/defense_evasion_ec2_flow_log_deletion/ 2025-06-06T18:11:54+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_cli_obfuscation_unicode_img/ 2025-06-05T11:29:46+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_double_extension/ 2025-06-05T11:29:46+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_local_groups/ 2025-06-05T11:15:47+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_process_reading_sudoers/ 2025-06-05T11:13:33+00:00 https://detection.fyi/tags/attack.t1592.004/ 2025-06-05T11:13:33+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_addinutil_uncommon_dir_exec/ 2025-06-04T15:44:31+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_aspnet_compiler_exectuion/ 2025-06-04T15:44:31+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_aspnet_compiler_susp_paths/ 2025-06-04T15:44:31+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_obfuscation_via_utf8/ 2025-06-04T15:39:06+00:00 https://detection.fyi/sigmahq/sigma/category/antivirus/av_ransomware/ 2025-06-04T12:39:25+00:00 https://detection.fyi/tags/attack.t1069.003/ 2025-06-04T12:39:25+00:00 https://detection.fyi/tags/attack.t1195/ 2025-06-04T12:39:25+00:00 https://detection.fyi/tags/attack.t1498/ 2025-06-04T12:39:25+00:00 https://detection.fyi/tags/attack.t1552.004/ 2025-06-04T12:39:25+00:00 https://detection.fyi/tags/attack.t1590/ 2025-06-04T12:39:25+00:00 https://detection.fyi/tags/attack.t1590.001/ 2025-06-04T12:39:25+00:00 https://detection.fyi/tags/attack.t1608/ 2025-06-04T12:39:25+00:00 https://detection.fyi/tags/attack.t1609/ 2025-06-04T12:39:25+00:00 https://detection.fyi/tags/attack.t1611/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_frombase64string/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_hostpath_mount/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_deployment_deleted/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_quickassist/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_dpapi_backup_and_cert_export_ioc/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_f5_tm_utility_bash_api_request/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_execution_via_imphashes/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_query_interesting_services/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_secrets_enumeration/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_memorydump_getstoragediagnosticinfo/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mmc_mmc20_lateral_movement/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_mal_octopus_scanner/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_ftp_login_attempt/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_exec_into_container/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_sidecar_injection/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_odbc_driver_registered_susp/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_powershell_web_access_installation/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_privileged_pod_creation/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_psexec_execution/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_pua_advanced_ip_scanner_update_check/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_crassus/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_rare_operations/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_rbac_permisions_listing/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_remote_dcom_or_wmi/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_remote_service_lateral_movement/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_renamed_powershell/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_unc_path/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_download_office_domain/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_webdav_external_execution/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_webshell_susp_process_spawned_from_webserver/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_wmiexec_default_filename/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_hiding_malware_in_fonts_folder/ 2025-06-04T12:39:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_comobject_msi/ 2025-06-04T11:50:39+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-20090/web_cve_2021_20090_2021_20091_arcadyan_router_exploit/ 2025-06-04T11:33:36+00:00 https://detection.fyi/tags/attack.t1049/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_container_registry_created_or_deleted/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_kubernetes_cluster_created_or_deleted/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_kubernetes_network_policy_change/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_kubernetes_rolebinding_modified_or_deleted/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_kubernetes_secret_or_config_object_access/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_kubernetes_role_access/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_kubernetes_service_account_modified_or_deleted/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_buffer_overflows/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_proxy_connection/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wscript_cscript_susp_child_processes/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-20090/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-42321/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-21554/ 2025-06-04T11:33:36+00:00 https://detection.fyi/tags/cve.2021-20090/ 2025-06-04T11:33:36+00:00 https://detection.fyi/tags/cve.2021-20091/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_hktl_remote_cred_dump/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharpview/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_hktl_sysmonente/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_trufflesnout/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_disable_event_auditing_critical/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/msiinstaller/win_msi_install_from_web/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-21554/win_cve_2023_21554_msmq_corrupted_packet/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mstsc_run_local_rpd_file_susp_parent/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/papercut-print-management-exploitation/proc_creation_win_papercut_print_management_exploitation_pc_app/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/papercut-print-management-exploitation/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_petitpotam_susp_tgt_request/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_gpg4win_portable_execution/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_dcsync_attack/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-42321/win_exchange_cve_2021_42321/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_rdp_public_listener/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_sasec_recon/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_efs_abuse/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_eventlog_recon/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_file_copy/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_printing_lateral_movement/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_remote_registry_recon/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_atsvc_recon/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_itaskschedulerservice_recon/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_remote_server_service_abuse/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_sharphound_recon_account/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/application/rpc_firewall/rpc_firewall_sharphound_recon_sessions/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_16bit_application/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_shell_susp_log_entries/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_susp_child_processes/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/turla/pipe_created_apt_turla_named_pipes/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_adws_unusual_connection/ 2025-06-04T11:33:36+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_access/file_access_win_susp_crypto_currency_wallets/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_access/file_access_win_susp_gpo_files/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_access/file_access_win_susp_credhist/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_access/file_access_win_susp_dpapi_master_key_access/ 2025-06-02T11:29:48+00:00 https://detection.fyi/tags/attack.t1555.004/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bitlockertogo_execution/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_access/file_access_win_susp_credential_manager_access/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-37085/ 2025-06-02T11:29:48+00:00 https://detection.fyi/tags/cve.2024-37085/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_access/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/fin7/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/forest-blizzard/file_event_win_apt_forest_blizzard_activity/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_cronjob_modification/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_rolebinding_modification/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_secrets_modified_or_deleted/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_access/file_access_win_teams_sensitive_files/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_azurewebsites/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_regedit_print_as_pdf/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/fin7/proc_creation_win_apt_fin7_exploitation_indicators/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-37085/proc_creation_win_exploit_cve_2024_37085_esxi_admins_group_creation/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-37085/win_security_exploit_cve_2024_37085_esxi_admins_group/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_no_image_name/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_boinc/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_msteams/ 2025-06-02T11:29:48+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/mssqlserver/win_mssql_failed_logon_from_external_network/ 2025-05-31T11:14:46+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_creation_deno/ 2025-05-27T07:49:30+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_impacket_file_indicators/ 2025-05-27T07:45:15+00:00 https://detection.fyi/tags/attack.t1555.003/ 2025-05-26T08:33:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/katz-stealer/dns_query_win_katz_stealer_domain/ 2025-05-26T08:33:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/katz-stealer/net_dns_katz_stealer_domain/ 2025-05-26T08:33:24+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_enumeration_for_credentials_cli/ 2025-05-26T08:33:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/katz-stealer/image_load_win_katz_stealer_payloads/ 2025-05-26T08:33:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/katz-stealer/zeek_http_katz_stealer_susp_useragent/ 2025-05-26T08:33:24+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/malware/katz-stealer/ 2025-05-26T08:33:24+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_export_of_thirdparty_creds/ 2025-05-26T08:33:24+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_access/file_access_win_susp_process_access_browser_cred_files/ 2025-05-26T08:33:24+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_artisteer/ 2025-05-23T19:14:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_calgary/ 2025-05-23T19:14:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_dell/ 2025-05-23T19:14:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_doubleclick/ 2025-05-23T19:14:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_lluh/ 2025-05-23T19:14:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_edinburghairport/ 2025-05-23T19:14:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_newegg/ 2025-05-23T19:14:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_next2/ 2025-05-23T19:14:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_anuneo/ 2025-05-23T19:14:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_sigtn/ 2025-05-23T19:14:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_slubnaglowie/ 2025-05-23T19:14:20+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_typedrawers/ 2025-05-23T19:14:20+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_suspicious_cmd_wmi/ 2025-05-21T14:59:45+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_incoming_wmi/ 2025-05-21T14:59:45+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_wer_systemerrorreporting/win_system_crash_dump_created/ 2025-05-21T07:09:37+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_wer_systemerrorreporting/ 2025-05-21T07:09:37+00:00 https://detection.fyi/tags/attack.t1007/ 2025-05-21T06:39:49+00:00 https://detection.fyi/tags/attack.t1136/ 2025-05-21T06:39:49+00:00 https://detection.fyi/tags/attack.t1562.003/ 2025-05-21T06:39:49+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_esxcli_user_account_creation/ 2025-05-21T06:39:49+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_esxcli_network_discovery/ 2025-05-21T06:39:49+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_esxcli_storage_discovery/ 2025-05-21T06:39:49+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_esxcli_syslog_config_change/ 2025-05-21T06:39:49+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_esxcli_system_discovery/ 2025-05-21T06:39:49+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_esxcli_vm_kill/ 2025-05-21T06:39:49+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_esxcli_vm_discovery/ 2025-05-21T06:39:49+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_esxcli_vsan_discovery/ 2025-05-21T06:39:49+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_command_system_account/ 2025-05-21T05:25:16+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_win32_shadowcopy_deletion/ 2025-05-20T21:12:55+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_certification_authority/win_system_adcs_enrollment_request_denied/ 2025-05-20T21:09:50+00:00 https://detection.fyi/tags/attack.t1127.001/ 2025-05-20T21:09:50+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_pod_in_system_namespace/ 2025-05-20T21:09:50+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_events_deleted/ 2025-05-20T21:09:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_certification_authority/ 2025-05-20T21:09:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_mount_hidepid/ 2025-05-20T21:09:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_outlook_enable_unsafe_client_mail_rules/ 2025-05-20T21:09:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_browsercore/ 2025-05-20T21:09:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_silenttrinity_stager_msbuild_activity/ 2025-05-20T21:09:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_outlook_susp_child_processes_remote/ 2025-05-20T21:09:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_csi_use_of_csharp_console/ 2025-05-20T21:09:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_browsers_remote_debugging/ 2025-05-20T21:09:23+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_httpproxy_login_attempt/ 2025-05-20T21:08:57+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_dialer_initiated_connection/ 2025-05-20T21:08:57+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_curl_fileupload/ 2025-05-20T21:08:57+00:00 https://detection.fyi/tags/attack.t1098.005/ 2025-05-20T21:05:21+00:00 https://detection.fyi/tags/attack.t1207/ 2025-05-20T21:05:21+00:00 https://detection.fyi/tags/attack.t1505.001/ 2025-05-20T21:05:21+00:00 https://detection.fyi/sigmahq/sigma/category/database/ 2025-05-20T21:05:21+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_execution_via_pe_metadata/ 2025-05-20T21:05:21+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_serviceaccount_creation/ 2025-05-20T21:05:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_possible_dc_shadow/ 2025-05-20T21:05:21+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dnscmd_discovery/ 2025-05-20T21:05:21+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_namespace_defender/ 2025-05-20T21:05:21+00:00 https://detection.fyi/sigmahq/sigma/category/database/db_anomalous_query/ 2025-05-20T21:05:21+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_outbound_kerberos_connection/ 2025-05-20T21:05:21+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_auditlogs_laps_credential_dumping/ 2025-05-20T21:05:21+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-4427/ 2025-05-20T21:00:06+00:00 https://detection.fyi/tags/cve.2025-4427/ 2025-05-20T21:00:06+00:00 https://detection.fyi/tags/cve.2025-4428/ 2025-05-20T21:00:06+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-4427/web_invanti_epmm_cve_2025_4427_and_cve_2025_4428/ 2025-05-20T21:00:06+00:00 https://detection.fyi/tags/attack.t1134.003/ 2025-05-20T20:58:46+00:00 https://detection.fyi/tags/attack.t1553.003/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_localtonet_tunnel/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/linux/network_connection/net_connection_lnx_domain_localtonet_tunnel/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-1389/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-1389/proxy_exploit_cve_2023_1389_unauth_command_injection_tplink_archer_ax21/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-3094/ 2025-05-20T20:58:46+00:00 https://detection.fyi/tags/cve.2023-1389/ 2025-05-20T20:58:46+00:00 https://detection.fyi/tags/cve.2024-3094/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_dsinternals_cmdlets/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_dsinternals_cmdlets/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_hktl_crackmapexec_indicators/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_krbrelay_remote/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharp_dpapi_execution/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_deviceguard_hypervisorenforcedpagingtranslation_disabled/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kapeka/registry_set_malware_kapeka_backdoor_configuration/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kapeka/proc_creation_win_malware_kapeka_backdoor_rundll32_execution/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kapeka/image_load_malware_kapeka_backdoor_wll/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kapeka/win_security_malware_kapeka_backdoor_scheduled_task_creation/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/mssqlserver/win_mssql_failed_logon/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/linux/network_connection/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_enable_periodic_backup/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-3094/proc_creation_lnx_exploit_cve_2024_3094_sshd_child_process/ 2025-05-20T20:58:46+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kapeka/file_event_win_malware_kapeka_backdoor_indicators/ 2025-05-20T20:58:46+00:00 https://detection.fyi/elastic/detection-rules/windows/impact_deleting_backup_catalogs_with_wbadmin/ 2025-05-19T15:04:25+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_dll_sideloading_space_path/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_shell_chrome_api/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_iphlpapi_dll_sideloading/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_office_dlls/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_7za/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_ccleaner_du/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_ccleaner_reactivator/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_chrome_frame_helper/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_gup_libcurl/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_classicexplorer32/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_comctl32/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_jsschhlp/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_libvlc/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_wazuh/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_third_party/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_uac_bypass_via_dism/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_vmguestlib/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_vmmap_dbghelp_signed/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_vmmap_dbghelp_unsigned/ 2025-05-15T10:17:10+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_invocation_specific/ 2025-05-12T11:28:51+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_susp_invocation_specific/ 2025-05-12T11:28:51+00:00 https://detection.fyi/tags/data-source-network/ 2025-05-06T16:07:47+00:00 https://detection.fyi/tags/data-source-rapid7-threat-command/ 2025-05-06T16:07:47+00:00 https://detection.fyi/elastic/detection-rules/network/command_and_control_cobalt_strike_default_teamserver_cert/ 2025-05-06T16:07:47+00:00 https://detection.fyi/elastic/detection-rules/integrations/dga/ 2025-05-06T16:07:47+00:00 https://detection.fyi/elastic/detection-rules/integrations/dga/command_and_control_ml_dga_activity_using_sunburst_domain/ 2025-05-06T16:07:47+00:00 https://detection.fyi/elastic/detection-rules/threat_intel/threat_intel_rapid7_threat_command/ 2025-05-06T16:07:47+00:00 https://detection.fyi/tags/rule-type-threat-match/ 2025-05-06T16:07:47+00:00 https://detection.fyi/elastic/detection-rules/threat_intel/threat_intel_indicator_match_email/ 2025-05-06T16:07:47+00:00 https://detection.fyi/elastic/detection-rules/threat_intel/threat_intel_indicator_match_hash/ 2025-05-06T16:07:47+00:00 https://detection.fyi/elastic/detection-rules/threat_intel/threat_intel_indicator_match_address/ 2025-05-06T16:07:47+00:00 https://detection.fyi/elastic/detection-rules/threat_intel/threat_intel_indicator_match_url/ 2025-05-06T16:07:47+00:00 https://detection.fyi/elastic/detection-rules/threat_intel/threat_intel_indicator_match_registry/ 2025-05-06T16:07:47+00:00 https://detection.fyi/elastic/detection-rules/threat_intel/ 2025-05-06T16:07:47+00:00 https://detection.fyi/tags/threat-cobalt-strike/ 2025-05-06T16:07:47+00:00 https://detection.fyi/tags/use-case-continuous-monitoring/ 2025-05-06T16:07:47+00:00 https://detection.fyi/tags/use-case-domain-generation-algorithm-detection/ 2025-05-06T16:07:47+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_from_unusual_path_cmdline/ 2025-05-05T17:36:40+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_from_unusual_directory/ 2025-05-05T17:36:40+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_screenconnect_childproc/ 2025-05-05T17:36:40+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_uac_bypass_mock_windir/ 2025-05-05T17:36:40+00:00 https://detection.fyi/elastic/detection-rules/network/command_and_control_vnc_virtual_network_computing_from_the_internet/ 2025-05-05T17:36:40+00:00 https://detection.fyi/elastic/detection-rules/network/command_and_control_vnc_virtual_network_computing_to_the_internet/ 2025-05-05T17:36:40+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_createdump_lolbin_execution/ 2025-04-25T19:01:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dumpminitool_execution/ 2025-04-25T19:01:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_hktl_handlekatz_lsass_access/ 2025-04-25T19:01:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_xordump/ 2025-04-25T19:01:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_procdump_evasion/ 2025-04-25T19:01:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_procdump/ 2025-04-25T19:01:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_createdump/ 2025-04-25T19:01:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dumpminitool_susp_execution/ 2025-04-25T19:01:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_webshell_chopper/ 2025-04-25T18:55:51+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_winpeas/ 2025-04-25T18:55:51+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_webshell_recon_commands_and_processes/ 2025-04-25T18:55:51+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_webshell_hacking/ 2025-04-25T18:55:51+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_user_account_added_to_privileged_group_ad/ 2025-04-24T00:42:33+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_group_modification_by_system/ 2025-04-24T00:22:38+00:00 https://detection.fyi/elastic/detection-rules/macos/execution_scripting_osascript_exec_followed_by_netcon/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/privilege_escalation_applescript_with_admin_privs/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_attempt_to_disable_gatekeeper/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_enable_root_account/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_install_root_certificate/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/lateral_movement_mounting_smb_share/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_credential_access_authorization_plugin_creation/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_evasion_hidden_launch_agent_deamon_creation/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_creation_hidden_login_item_osascript/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_dumping_hashes_bi_cmds/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_dumping_keychain_security/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_emond_rules_file_creation/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/discovery_users_domain_built_in_commands/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/execution_defense_evasion_electron_app_childproc_node_js/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/privilege_escalation_explicit_creds_via_scripting/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_finder_sync_plugin_pluginkit/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_kerberosdump_kcc/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_credentials_keychains/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_keychain_pwd_retrieval_security_cmd/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_creation_change_launch_agents_file/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_modify_environment_launchctl/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_directory_services_plugins_modification/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_docker_shortcuts_plist_modification/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_folder_action_scripts_runtime/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/privilege_escalation_local_user_added_to_admin/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_account_creation_hide_at_logon/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_sandboxed_office_app_suspicious_zip_file/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_via_atom_init_file_modification/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_periodic_tasks_file_mdofiy/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_privacy_controls_tcc_database_modification/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/privilege_escalation_root_crontab_filemod/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_attempt_del_quarantine_attrib/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/lateral_movement_remote_ssh_login_enabled/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_screensaver_plist_file_modification/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/execution_shell_execution_via_apple_scripting/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_apple_softupdates_modification/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_modification_sublime_app_plugin_or_script/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/execution_script_via_automator_workflows/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/execution_initial_access_suspicious_browser_childproc/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_suspicious_calendar_modification/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/privilege_escalation_exploit_adobe_acrobat_updater/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_crontab_creation/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_emond_rules_process_execution/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_defense_evasion_hidden_launch_agent_deamon_logonitem_process/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/execution_installer_package_spawned_network_event/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_suspicious_web_browser_sensitive_file_access/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_systemkey_dumping/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/defense_evasion_tcc_bypass_mounted_apfs_access/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/lateral_movement_vpn_connection_attempt/ 2025-04-21T22:32:05+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_mitm_localhost_webproxy/ 2025-04-21T22:32:05+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-31161/ 2025-04-17T19:43:35+00:00 https://detection.fyi/tags/cve.2025-31161/ 2025-04-17T19:43:35+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-31161/proc_creation_win_crushftp_susp_child_processes/ 2025-04-17T19:43:35+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-1472/ 2025-04-17T19:42:17+00:00 https://detection.fyi/tags/cve.2020-1472/ 2025-04-17T19:42:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-1472/proc_creation_win_exploit_cve_2020_1472_zero_poc/ 2025-04-17T19:42:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_download_cradle_obfuscated/ 2025-04-17T19:42:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_emoji_usage_in_cli_1/ 2025-04-17T19:42:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_emoji_usage_in_cli_2/ 2025-04-17T19:42:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_emoji_usage_in_cli_3/ 2025-04-17T19:42:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_emoji_usage_in_cli_4/ 2025-04-17T19:42:17+00:00 https://detection.fyi/tags/car.2016-04-002/ 2025-04-16T22:45:10+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_eventlog_clear/ 2025-04-16T22:45:10+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_product_class/ 2025-04-16T22:44:13+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_copy_browser_data/ 2025-04-16T22:43:26+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_lnk_exec_hidden_cmd/ 2025-04-16T22:42:11+00:00 https://detection.fyi/tags/attack.t1055.011/ 2025-04-16T22:41:35+00:00 https://detection.fyi/tags/attack.t1090.002/ 2025-04-16T22:41:35+00:00 https://detection.fyi/tags/attack.t1571/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/darkgate/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/darkgate/file_event_win_malware_darkgate_autoit3_save_temp/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_nscurl_usage/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wbadmin_restore_file/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_portmap/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_tmutil_exclude_file_from_backup/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/firewall_as/win_firewall_as_add_rule_susp_folder/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/firewall_as/win_firewall_as_add_rule_wmiprvse/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_packet_capture/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/linux/network_connection/net_connection_lnx_susp_malware_callback_port/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_qemu_suspicious_execution/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wbadmin_dump_sensitive_files/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wbadmin_restore_sensitive_files/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_sysctl_discovery/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_tmutil_delete_backup/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_tmutil_disable_backup/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_uac_disable_notification/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_uac_disable_secure_desktop_prompt/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_mysqld_uncommon_file_creation/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_susp_all_access_uncommon_target/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_delete/registry_delete_enable_windows_recall/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_enable_windows_recall/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_enable_windows_recall/ 2025-04-16T22:41:35+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_adplus_memory_dump/ 2025-04-16T22:40:41+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_tools_masquerading/ 2025-04-16T22:39:23+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_linkedin/ 2025-04-15T19:59:40+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_debugfs_launched_inside_container/ 2025-04-10T12:26:40+00:00 https://detection.fyi/elastic/detection-rules/macos/command_and_control_unusual_connection_to_suspicious_top_level_domain/ 2025-04-07T15:25:39+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_new_lambda_layer_attached/ 2025-04-07T09:07:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_conhost_uncommon_parent/ 2025-04-07T09:05:53+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_elevated_system_shell_uncommon_parent/ 2025-04-07T09:05:53+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_inline_win_api_access/ 2025-04-07T09:05:53+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_python/ 2025-04-07T09:05:53+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_whoami_parent_anomaly/ 2025-04-07T09:05:53+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_proc_wrong_parent/ 2025-04-07T09:05:53+00:00 https://detection.fyi/tags/attack.t1589.002/ 2025-04-07T09:02:17+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_potential_unconstrained_delegation_discovery/ 2025-04-07T09:02:17+00:00 https://detection.fyi/elastic/detection-rules/promotions/endgame_adversary_behavior_detected/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/credential_access_endgame_cred_dumping_detected/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/credential_access_endgame_cred_dumping_prevented/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/privilege_escalation_endgame_cred_manipulation_detected/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/privilege_escalation_endgame_cred_manipulation_prevented/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/integrations/endpoint/elastic_endpoint_security/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/execution_endgame_exploit_detected/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/execution_endgame_exploit_prevented/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/endgame_malware_detected/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/endgame_malware_prevented/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/privilege_escalation_endgame_permission_theft_detected/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/privilege_escalation_endgame_permission_theft_prevented/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/privilege_escalation_endgame_process_injection_detected/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/privilege_escalation_endgame_process_injection_prevented/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/endgame_ransomware_detected/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/promotions/endgame_ransomware_prevented/ 2025-03-27T03:32:25+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_dontexpirepasswd_account/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_adfind_command_activity/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_root_dir_ads_creation/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/ml/persistence_ml_windows_anomalous_process_all_hosts/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/ml/persistence_ml_windows_anomalous_process_creation/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_code_signing_policy_modification_builtin_tools/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_apt_solarwinds_backdoor_child_cmd_powershell/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_command_shell_via_rundll32/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_via_hidden_shell_conhost/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_encrypted_channel_freesslcert/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_execution_control_panel_suspicious_args/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_dnsnode_creation/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_gpo_schtask_service_creation/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_domain_backup_dpapi_private_keys/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_dump_registry_hives/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_delete_volume_usn_journal_with_fsutil/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_disable_windows_firewall_rules_with_netsh/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_enable_network_discovery_with_netsh/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_enumerating_domain_trusts_via_dsquery/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_enumerating_domain_trusts_via_nltest/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_enumeration_via_wmiprvse/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_admin_recon/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_runtime_run_key_startup_susp_procs/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_execution_from_tsclient_mup/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/collection_email_powershell_exchange_mailbox/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_right_to_left_override/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_exfiltration_first_time_seen_usb/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_generic_localdumps/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_group_policy_privileged_groups/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_group_policy_object_discovery/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/integrations/problemchild/defense_evasion_ml_suspicious_windows_process_cluster_from_host/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_execution_lolbas_wuauclt/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_dcom_hta/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_dcom_mmc20/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_dcom_shellwindow_shellbrowserwindow/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_make_token_local/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_disable_kerberos_preauth/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_kirbi_file/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_via_startup_folder_rdp_smb/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_local_scheduled_task_creation/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_lsass_memdump_file_created/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_execution_msbuild_started_by_system_process/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_execution_msbuild_started_by_office_app/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_suspicious_ms_exchange_files/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_iis_connectionstrings_dumping/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/impact_modification_of_boot_config/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_mount_hidden_or_webdav_share_net/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_msbuild_making_network_connections/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_register_server_program_connecting_to_the_internet/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_persistence_network_logon_provider_modification/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_powershell_exch_mailbox_activesync_add_device/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_wbadmin_ntds/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_copy_ntds_sam_volshadowcp_cmdline/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/integrations/problemchild/defense_evasion_ml_suspicious_windows_process_cluster_from_parent_process/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_peripheral_device/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_via_bits_job_notify_command/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_local_scheduled_job_creation/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_via_telemetrycontroller_scheduledtask_hijack/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_via_update_orchestrator_service_hijack/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_via_windows_management_instrumentation_event_subscription/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_adidns_wildcard/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/credential_access_cookies_chromium_browsers_debugging/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_potential_lsa_memdump_via_mirrordump/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_suspicious_lsass_access_memdump/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_suspicious_comsvcs_imageload/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_credential_dumping_msbuild/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_dns_tunneling_nslookup/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_msi_repair_via_mshelp_link/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_windows_filtering_platform/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_certreq_postdata/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_initial_access_foxmail_exploit/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_relay_ntlm_auth_via_http_spoolss/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_via_snapshot_lsass_clone_creation/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_suspicious_lsass_access_via_snapshot/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_alternate_creds_pth/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_rdp_tunnel_plink/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_veeam_commands/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_adidns_wpad_record/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_via_wsus_update/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_named_pipe_impersonation/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_via_rogue_named_pipe/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_via_compiled_html_file/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_injection_msbuild/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/exfiltration_smb_rare_destination/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_enable_inbound_rdp_with_netsh/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_remote_file_copy_desktopimgdownldr/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_remote_file_copy_mpcmdrun/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_remote_services/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_local_scheduled_task_scripting/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_group_policy_scheduled_task/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_saved_creds_vaultcmd/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_cmd_service/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_service_control_spawned_script_int/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_sc_sdset/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_startup_folder_file_written_by_suspicious_process/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_group_policy_iniscript/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_dotnet_compiler_parent_process/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_suspicious_certutil_commands/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_execution_via_office_addins/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_wsl_bash_exec/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_via_explorer_suspicious_child_parent_args/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_suspicious_image_load_scheduled_task_ms_office/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_exploit_jetbrains_teamcity/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_lsass_handle_via_malseclogon/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_suspicious_lsass_access_generic/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_suspicious_managedcode_host_process/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_suspicious_ms_office_child_process/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_suspicious_ms_outlook_child_process/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_suspicious_pdf_reader/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/ml/execution_ml_windows_anomalous_script/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_printspooler_suspicious_file_deletion/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_suspicious_process_creation_calltrace/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_suspicious_rdp_client_imageload/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_suspicious_scrobj_load/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_masquerading_suspicious_werfault_childproc/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_suspicious_image_load_wmi_ms_office/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_suspicious_wmi_script/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_suspicious_zoom_child_process/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_symbolic_link_to_shadow_copy_created/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_system_shells_via_services/ 2025-03-26T15:04:14+00:00 https://detection.fyi/tags/tacticexecution/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_uac_bypass_com_ieinstal/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_uac_bypass_com_clipup/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_uac_bypass_com_interface_icmluautil/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_uac_bypass_winfw_mmc_hijack/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_registry_uncommon/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_dns_serverlevelplugindll/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_imageload_azureadconnectauthsvc/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_command_shell_started_by_unusual_process/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/integrations/problemchild/defense_evasion_ml_rare_process_for_a_host/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/integrations/problemchild/defense_evasion_ml_rare_process_for_a_parent_process/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/integrations/problemchild/defense_evasion_ml_rare_process_for_a_user/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_unusual_svchost_childproc_childless/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/ml/persistence_ml_windows_anomalous_path_activity/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/ml/credential_access_ml_windows_anomalous_metadata_process/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/ml/initial_access_ml_windows_rare_user_type10_remote_login/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/ml/persistence_ml_windows_anomalous_service/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/ml/credential_access_ml_windows_anomalous_metadata_user/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/ml/privilege_escalation_ml_windows_rare_user_runas_event/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/ml/initial_access_ml_windows_anomalous_user_name/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_user_account_creation/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/integrations/problemchild/defense_evasion_ml_suspicious_windows_process_cluster_from_user/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/impact_volume_shadow_copy_deletion_or_resized_via_vssadmin/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/impact_volume_shadow_copy_deletion_via_powershell/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/impact_volume_shadow_copy_deletion_via_wmic/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/defense_evasion_deleting_websvr_access_logs/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_whoami_command_activity/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_cve_2020_0601/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_defender_disabled_via_registry/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_script_executing_powershell/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_scripts_process_started_via_wmi/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_wsl_enabled_via_dism/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_wireless_creds_dumping/ 2025-03-26T15:04:14+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_initial_access_wps_dll_exploit/ 2025-03-26T15:04:14+00:00 https://detection.fyi/sublime-security/sublime-rules/cve_2025_24071_ntlm_leak/ 2025-03-21T14:37:25+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_cupsd_foomatic_rip_shell_execution/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/defense_evasion_esxi_suspicious_timestomp_touch/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/execution_github_app_deleted/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/persistence_organization_owner_role_granted/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/defense_evasion_github_protected_branch_settings_changed/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/impact_github_repository_deleted/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/execution_github_ueba_multiple_behavior_alerts_from_account/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_linux_hping_activity/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_kerberoasting_unusual_process/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/credential_access_gdb_process_hooking/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_linux_ssh_x11_forwarding/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/execution_new_github_app_installed/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/integrations/github/persistence_github_org_owner_added/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_linux_nping_activity/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_potential_hack_tool_executed/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_pkexec_envar_hijack/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_suspicious_file_opened_through_editor/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_ssh_key_generation/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_sudo_allowed_command_enumeration/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_cupsd_foomatic_rip_suspicious_child_execution/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_apt_solarwinds_backdoor_unusual_child_processes/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/linux/discovery_suspicious_which_command_execution/ 2025-03-20T15:02:07+00:00 https://detection.fyi/tags/use-case-ueba/ 2025-03-20T15:02:07+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/initial_access_ssh_connection_established_inside_a_container/ 2025-03-14T15:57:37+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/lateral_movement_ssh_process_launched_inside_a_container/ 2025-03-14T15:57:37+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_notepad_local_passwd_discovery/ 2025-03-04T23:24:11+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/forest-blizzard/file_event_win_apt_forest_blizzard_constrained_js/ 2025-03-04T23:23:27+00:00 https://detection.fyi/sigmahq/sigma/application/kubernetes/audit/kubernetes_audit_unauthorized_unauthenticated_actions/ 2025-03-04T23:23:27+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_pnscan_binary_cli_pattern/ 2025-03-04T23:23:27+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-3400/file_event_paloalto_globalprotect_exploit_cve_2024_3400_command_inject_file_creation/ 2025-03-04T23:23:27+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_netscan/ 2025-03-04T23:23:27+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_regasm_network_activity/ 2025-03-04T23:23:27+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_anydesk/ 2025-03-04T23:19:19+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_abuse_nslookup_with_dns_records/ 2025-03-04T23:17:38+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_http_susp_file_ext_from_susp_tld/ 2025-03-04T23:13:45+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/initial_access_cross_site_scripting/ 2025-03-04T12:09:45+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_delete_backup_file/ 2025-02-28T14:49:36+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_sysinternals_sdelete_file_deletion/ 2025-02-28T14:49:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_obfuscated_ordinal_call/ 2025-02-25T21:32:55+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_process_dump_via_comsvcs/ 2025-02-25T21:32:55+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-35250/ 2025-02-24T11:58:40+00:00 https://detection.fyi/tags/cve.2024-35250/ 2025-02-24T11:58:40+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-35250/image_load_exploit_cve_2024_35250_privilege_escalation/ 2025-02-24T11:58:40+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_clfs_load/ 2025-02-22T22:57:41+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_google_api_non_browser_access/ 2025-02-22T22:47:24+00:00 https://detection.fyi/tags/data-source-google-workspace/ 2025-02-20T04:34:13+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/defense_evasion_google_workspace_new_oauth_login_from_third_party_application/ 2025-02-20T04:34:13+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/initial_access_object_copied_to_external_drive_with_app_consent/ 2025-02-20T04:34:13+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/ 2025-02-20T04:34:13+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/credential_access_forced_authentication_pipes/ 2025-02-19T15:54:31+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_mofcomp/ 2025-02-19T15:54:31+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/command_and_control_google_drive_malicious_file_download/ 2025-02-19T15:54:31+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_aadinternals_cmdlets_execution/ 2025-02-17T11:11:55+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_aadinternals_cmdlets_execution/ 2025-02-17T11:11:55+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_nimscan/ 2025-02-17T11:07:45+00:00 https://detection.fyi/elastic/detection-rules/windows/impact_ransomware_note_file_over_smb/ 2025-02-17T10:04:34+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_regback_sam_security_hives/ 2025-02-17T10:04:34+00:00 https://detection.fyi/elastic/detection-rules/windows/impact_ransomware_file_rename_smb/ 2025-02-17T10:04:34+00:00 https://detection.fyi/elastic/detection-rules/windows/collection_email_outlook_mailbox_via_com/ 2025-02-17T10:04:34+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_direct_outbound_smb_connection/ 2025-02-05T20:32:57+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_cupsd_foomatic_rip_netcon/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_looney_tunables_cve_2023_4911/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_enlightenment_window_manager/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_overlayfs_local_privesc/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_sda_disk_mount_non_root/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_suspicious_chown_fowner_elevation/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_gdb_sys_ptrace_elevation/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_process_started_from_process_id_file/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_gdb_sys_ptrace_netcon/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_kworker_uid_elevation/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_suspicious_passwd_file_write/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_linux_suspicious_symbolic_link/ 2025-02-05T18:25:45+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_login_logout_hooks_defaults/ 2025-02-05T18:09:27+00:00 https://detection.fyi/elastic/detection-rules/macos/initial_access_suspicious_mac_ms_office_child_process/ 2025-02-05T18:09:27+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_screensaver_engine_unexpected_child_process/ 2025-02-05T18:09:27+00:00 https://detection.fyi/tags/attack.t1547.003/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_change_winevt_channelaccess/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-1212/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-1212/web_exploit_cve_2024_1212_/ 2025-02-03T17:23:12+00:00 https://detection.fyi/tags/cve.2024-1212/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_winevt_logging/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_hide_file/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_optimize_file_sharing_network/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_timeproviders_dllname/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_git_clone_request/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_http_get/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_http_post_login_attempt/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_mssql_login_sqlauth/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_mssql_login_winauth/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_mysql_login_attempt/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_ntp_monlist/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_redis_command/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_sip_request/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_smb_file_open/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_snmp_cmd/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_tftp_request/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/application/opencanary/opencanary_vnc_connection_attempt/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kamikakabot/proc_creation_win_malware_kamikakabot_lnk_lure_execution/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/kamikakabot/proc_creation_win_malware_kamikakabot_schtasks_persistence/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_redirection_susp_folder/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_ifilter/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_nircmd/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_uncommon_dll_extension/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_servicedll_hijack/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_external_ip_lookup/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_change_sysmon_driver_altitude/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_windows_defender_service/ 2025-02-03T17:23:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_pdf_extortion_leveraging_breach_data/ 2025-02-03T16:52:13+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_suspected_supplier_payment_request/ 2025-02-03T16:51:47+00:00 https://detection.fyi/tags/data-source-jamf-protect/ 2025-02-03T15:57:50+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_driver_newterm_imphash/ 2025-02-03T15:57:50+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_via_wmi_stdregprov_run_services/ 2025-02-03T15:57:50+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_installertakeover/ 2025-02-03T15:57:50+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_startup_folder_file_written_by_unsigned_process/ 2025-02-03T15:57:50+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_sunburst_c2_activity_detected/ 2025-02-03T15:57:50+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_suspicious_network_activity_from_unknown_executable/ 2025-02-03T15:57:50+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_high_volume_of_pbpaste/ 2025-02-03T15:57:50+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_printspooler_suspicious_spl_file/ 2025-02-03T15:57:50+00:00 https://detection.fyi/elastic/detection-rules/macos/privilege_escalation_user_added_to_admin_group/ 2025-02-03T15:57:50+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_suspicious_java_netcon_childproc/ 2025-02-03T13:05:26+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_mal_wceaux_dll/ 2025-01-31T17:08:59+00:00 https://detection.fyi/tags/attack.t1221/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-30190/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-41082/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-22518/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-22518/proc_creation_lnx_exploit_cve_2023_22518_confluence_java_child_proc/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-22518/proc_creation_win_exploit_cve_2023_22518_confluence_tomcat_child_proc/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-22518/proxy_exploit_cve_2023_22518_confluence_auth_bypass/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-22518/web_exploit_cve_2023_22518_confluence_auth_bypass/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-27997/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-34362-moveit-transfer-exploit/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-46214/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-46747/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-46747/proxy_cve_2023_46747_f5_remote_code_execution/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-46747/web_cve_2023_46747_f5_remote_code_execution/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-4966/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-4966/proxy_exploit_cve_2023_4966_citrix_sensitive_information_disclosure_exploit/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-4966/web_exploit_cve_2023_4966_citrix_sensitive_information_disclosure_exploit_attempt/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-4966/proxy_exploit_cve_2023_4966_citrix_sensitive_information_disclosure_exploit_attempt/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-4966/web_exploit_cve_2023_4966_citrix_sensitive_information_disclosure_exploit/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-1708/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-1708/file_event_win_exploit_cve_2024_1708_screenconnect/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-1708/win_security_exploit_cve_2024_1708_screenconnect/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-1709/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-1709/web_exploit_cve_2024_1709_screenconnect/ 2025-01-30T20:30:17+00:00 https://detection.fyi/tags/cve.2023-22518/ 2025-01-30T20:30:17+00:00 https://detection.fyi/tags/cve.2023-27997/ 2025-01-30T20:30:17+00:00 https://detection.fyi/tags/cve.2023-34362/ 2025-01-30T20:30:17+00:00 https://detection.fyi/tags/cve.2023-46214/ 2025-01-30T20:30:17+00:00 https://detection.fyi/tags/cve.2023-46747/ 2025-01-30T20:30:17+00:00 https://detection.fyi/tags/cve.2023-4966/ 2025-01-30T20:30:17+00:00 https://detection.fyi/tags/cve.2024-1708/ 2025-01-30T20:30:17+00:00 https://detection.fyi/tags/cve.2024-1709/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-46214/web_cve_2023_46214_rce_splunk_enterprise_poc/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/generic/file_event_win_malware_generic_creation_configuration_rats/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/forest-blizzard/proc_creation_win_apt_forest_blizzard_activity/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/generic/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-34362-moveit-transfer-exploit/web_cve_2023_34362_known_payload_request.yml/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-41082/proxy_cve_2022_36804_exchange_owassrf_poc_exploitation/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/pikabot/proc_creation_win_malware_pikabot_rundll32_uncommon_extension/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/blackbyte/proc_creation_win_malware_blackbyte_ransomware/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-27997/web_cve_2023_27997_pre_authentication_rce/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/windows-server-unknown-exploit/proc_creation_win_exploit_other_win_server_undocumented_rce/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-41082/proxy_cve_2022_36804_exchange_owassrf_exploitation/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/malware/raspberry-robin/proc_creation_win_malware_raspberry_robin_rundll32_shell32_cpl_exection/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/qakbot/proc_creation_win_malware_qakbot_uninstaller_cleanup/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/cozy-bear/win_security_apt_cozy_bear_scheduled_tasks_name/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/cozy-bear/win_taskscheduler_apt_cozy_bear_graphical_proton_task_names/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/slashandgrab-exploitation-in-wild/file_event_win_apt_unknown_exploitation_indicators/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-1709/file_event_win_exploit_cve_2024_1709_user_database_modification_screenconnect/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-1709/win_security_exploit_cve_2024_1709_user_database_modification_screenconnect/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/slashandgrab-exploitation-in-wild/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-30190/registry_set_exploit_cve_2022_30190_msdt_follina/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/windows-server-unknown-exploit/ 2025-01-30T20:30:17+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_codeintegrity_check_failure/ 2025-01-30T20:15:39+00:00 https://detection.fyi/tsale/sigma_rules/misc/ 2025-01-29T17:41:48+00:00 https://detection.fyi/tsale/sigma_rules/ 2025-01-29T17:41:48+00:00 https://detection.fyi/tsale/ 2025-01-29T17:41:48+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_explorer_shell_execute/ 2025-01-29T17:41:48+00:00 https://detection.fyi/elastic/detection-rules/linux/command_and_control_linux_kworker_netcon/ 2025-01-28T13:43:00+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_enbridge/ 2025-01-24T16:09:03+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_dumpert/ 2025-01-22T21:29:33+00:00 https://detection.fyi/elastic/detection-rules/linux/execution_executable_stack_execution/ 2025-01-22T20:43:30+00:00 https://detection.fyi/elastic/detection-rules/ml/resource_development_ml_linux_anomalous_compiler_activity/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/apm/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_aws_ssm_sendcommand_with_command_parameters/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/beaconing/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/network/command_and_control_cobalt_strike_beacon/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/cyberarkpas/privilege_escalation_cyberarkpas_error_audit_event_promotion/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/cyberarkpas/privilege_escalation_cyberarkpas_recommended_events_to_monitor_promotion/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/cyberarkpas/ 2025-01-22T17:17:38+00:00 https://detection.fyi/tags/data-source-cyberark-pas/ 2025-01-22T17:17:38+00:00 https://detection.fyi/tags/data-source-zoom/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/ded/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/command_and_control_ml_packetbeat_dns_tunneling/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_downloaded_shortcut_files/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_execution_from_removable_media/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_expired_driver_loaded/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/google_workspace_alert_center_promotion/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_firewall_rule_created/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_firewall_rule_deleted/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_firewall_rule_modified/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/initial_access_gcp_iam_custom_role_creation/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/impact_gcp_iam_role_deletion/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/persistence_gcp_iam_service_account_key_deletion/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_logging_bucket_deletion/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_logging_sink_deletion/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/exfiltration_gcp_logging_sink_modification/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/collection_gcp_pub_sub_subscription_creation/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_pub_sub_subscription_deletion/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/collection_gcp_pub_sub_topic_creation/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_pub_sub_topic_deletion/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/persistence_gcp_service_account_created/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/impact_gcp_service_account_deleted/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/impact_gcp_service_account_disabled/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/persistence_gcp_key_created_for_service_account/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_storage_bucket_configuration_modified/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/impact_gcp_storage_bucket_deleted/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_storage_bucket_permissions_modified/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_virtual_private_cloud_network_deleted/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_virtual_private_cloud_route_created/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/gcp/defense_evasion_gcp_virtual_private_cloud_route_deleted/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/credential_access_google_workspace_drive_encryption_key_accessed_by_anonymous_user/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/initial_access_google_workspace_suspended_user_renewed/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/network/command_and_control_halfbaked_beacon/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/network/initial_access_unsecure_elasticsearch_node/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/network/command_and_control_nat_traversal_port_activity/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/linux/persistence_kernel_driver_load/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/dga/command_and_control_ml_dns_request_predicted_to_be_a_dga_domain/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/dga/command_and_control_ml_dns_request_high_dga_probability/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/guided_onboarding_sample_rule/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_parent_process_pid_spoofing/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/network/command_and_control_fin7_c2_behavior/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/linux/privilege_escalation_potential_bufferoverflow_attack/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/command_and_control_iexplore_via_com/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/ded/exfiltration_ml_high_bytes_destination_port/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/ded/exfiltration_ml_high_bytes_destination_ip/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/ded/exfiltration_ml_high_bytes_destination_geo_country_iso_code/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/ded/exfiltration_ml_high_bytes_destination_region_name/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/dga/command_and_control_ml_dga_high_sum_probability/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/discovery_active_directory_webservice/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_lsa_auth_package/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/macos/credential_access_potential_macos_ssh_bruteforce/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/macos/persistence_loginwindow_plist_modification/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/privilege_escalation_echo_nopasswd_sudoers/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_execution_remote_via_msiexec/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/lateral_movement_rdp_sharprdp_target/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/defense_evasion_sccm_scnotification_dll/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/privilege_escalation_create_process_with_token_unpriv/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/network/command_and_control_rdp_remote_desktop_protocol_from_the_internet/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_xsl_script_execution_via_com/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/network/command_and_control_download_rar_powershell_from_internet/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/network/initial_access_rpc_remote_procedure_call_to_the_internet/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/network/command_and_control_port_26_activity/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/ded/exfiltration_ml_high_bytes_written_to_external_device/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/ded/exfiltration_ml_high_bytes_written_to_external_device_airdrop/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/credential_access_ml_auth_spike_in_logon_events/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/beaconing/command_and_control_beaconing/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/beaconing/command_and_control_beaconing_high_confidence/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/initial_access_evasion_suspicious_htm_file_creation/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_lsass_loaded_susp_dll/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/persistence_service_dll_unsigned/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/command_and_control_ml_packetbeat_rare_dns_question/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/discovery_ml_linux_system_network_configuration_discovery/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/discovery_ml_linux_system_network_connection_discovery/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/credential_access_ml_linux_anomalous_metadata_process/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/discovery_ml_linux_system_process_discovery/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/discovery_ml_linux_system_information_discovery/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/credential_access_ml_linux_anomalous_metadata_user/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/discovery_ml_linux_system_user_discovery/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/initial_access_ml_linux_anomalous_user_name/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/credential_access_ml_suspicious_login_activity/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/persistence_ml_rare_process_by_host_linux/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/integrations/ded/exfiltration_ml_rare_process_writing_to_external_device/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/initial_access_ml_auth_rare_source_ip_for_a_user/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/privilege_escalation_ml_linux_anomalous_sudo_activity/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/command_and_control_ml_packetbeat_rare_urls/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/ml/command_and_control_ml_packetbeat_rare_user_agent/ 2025-01-22T17:17:38+00:00 https://detection.fyi/tags/use-case-c2-beaconing-detection/ 2025-01-22T17:17:38+00:00 https://detection.fyi/tags/use-case-data-exfiltration-detection/ 2025-01-22T17:17:38+00:00 https://detection.fyi/tags/use-case-guided-onboarding/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_veeam_backup_dll_imageload/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/discovery_virtual_machine_fingerprinting_grep/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/apm/apm_403_response_to_a_post/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/apm/apm_sqlmap_user_agent/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/apm/apm_405_response_method_not_allowed/ 2025-01-22T17:17:38+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/initial_access_zoom_meeting_with_no_passcode/ 2025-01-22T17:17:38+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_rsync_shell_execution/ 2025-01-19T20:55:40+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_rsync_shell_spawn/ 2025-01-19T20:55:40+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/credential_access_microsoft_365_potential_password_spraying_attack/ 2025-01-17T15:52:13+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_suspicious_jar_child_process/ 2025-01-17T15:52:13+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36874/ 2025-01-15T11:25:00+00:00 https://detection.fyi/tags/cve.2023-36874/ 2025-01-15T11:25:00+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36874/file_event_win_exploit_cve_2023_36874_wermgr_creation/ 2025-01-15T11:25:00+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-49113/ 2025-01-08T22:16:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/exploits/cve-2024-49113/win_application_error_exploit_cve_2024_49113_ldap_nightmare/ 2025-01-08T22:16:36+00:00 https://detection.fyi/tags/cve.2024-49113/ 2025-01-08T22:16:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-42475/ 2025-01-06T14:36:19+00:00 https://detection.fyi/tags/cve.2022-42475/ 2025-01-06T14:36:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/dprk/ 2025-01-06T14:36:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2024/ta/dprk/dns_query_win_apt_dprk_malicious_domains/ 2025-01-06T14:36:19+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-42475/fortios_sslvpnd_exploit_cve_2022_42475_exploitation_indicators/ 2025-01-06T14:36:19+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_hktl_evil_winrm_execution/ 2025-01-06T14:36:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_lsass_memdump/ 2025-01-06T14:36:19+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_sentinelone_shell_context_tampering/ 2025-01-06T14:36:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_anydesk_revoked_cert/ 2025-01-06T14:36:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_screenconnect_remote_execution/ 2025-01-06T14:36:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_screenconnect_webshell/ 2025-01-06T14:36:19+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wget_download_susp_locations/ 2025-01-06T14:36:19+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_ledger/ 2025-01-03T14:53:20+00:00 https://detection.fyi/tags/attack.t1588/ 2024-12-27T15:38:02+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/other/ 2024-12-27T15:38:02+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/other/win_av_relevant_match/ 2024-12-27T15:38:02+00:00 https://detection.fyi/sublime-security/sublime-rules/infra_abuse_hardbacon/ 2024-12-20T18:30:31+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_lambda_function_url/ 2024-12-19T19:30:58+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_register_new_logon_process_by_rubeus/ 2024-12-19T17:41:14+00:00 https://detection.fyi/tags/attack.s0195/ 2024-12-14T19:55:43+00:00 https://detection.fyi/tags/attack.t1553.002/ 2024-12-14T19:55:43+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_sdelete_potential_secure_deletion/ 2024-12-14T19:55:43+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_free_subdomain_suspicious_link_language/ 2024-12-12T19:23:24+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_rds_dbcluster_actions/ 2024-12-06T23:19:18+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_microsoft_teams/ 2024-12-03T22:40:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_cmstp_com_object_access/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-1388/ 2024-12-01T22:29:17+00:00 https://detection.fyi/tags/cve.2019-1388/ 2024-12-01T22:29:17+00:00 https://detection.fyi/tags/cve.2021-41379/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-1388/proc_creation_win_exploit_cve_2019_1388/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_accesschk_check_permissions/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_change_sevice_image_path_by_non_admin/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-41379/proc_creation_win_exploit_cve_2021_41379/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_tscon_rdp_session_hijacking/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_sdclt/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_conhost_legacy_option/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_winsat/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_computerdefaults/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_changepk_slui/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_consent_comctl32/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_cleanmgr/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_dismhost/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_idiagnostic_profile/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_ieinstal/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_msconfig_gui/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_ntfs_reparse_point/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_pkgmgr_dism/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_wmp/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_wsreset_integrity_level/ 2024-12-01T22:29:17+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_susp_shellexec_execution/ 2024-12-01T16:32:36+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/lnx_auditd_password_policy_discovery/ 2024-12-01T13:09:27+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_file_and_directory_discovery/ 2024-12-01T13:07:54+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/firewall_as/win_firewall_as_delete_all_rules/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mode_codepage_russian/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-38831/proc_creation_win_exploit_cve_2023_38831_winrar_child_proc/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-38831/ 2024-12-01T12:40:32+00:00 https://detection.fyi/tags/cve.2023-38331/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_executable_detected/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_access_policy_deleted/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/gworkspace/gcp_gworkspace_application_access_levels_modified/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_hktl_edr_silencer/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharpmove/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_soaphound_execution/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/object_access/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/peach-sandstorm/proc_creation_win_apt_peach_sandstorm_indicators/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/peach-sandstorm/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wscript_cscript_dropper/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/peach-sandstorm/proxy_apt_peach_sandstorm_falsefont_backdoor_c2_coms/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_mycomputer/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/pikabot/net_connection_win_malware_pikabot_rundll32_activity/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/pikabot/proc_creation_win_malware_pikabot_discovery/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_executable_detected/file_executable_detected_win_susp_embeded_sed_file/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_pingcastle/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_pingcastle_script_parent/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hh_chm_remote_download_or_execution/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/create_remote_thread_win_mstsc_susp_location/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_pingcastle/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_sed_file_creation/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_java_susp_child_process/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/object_access/win_security_wfp_endpoint_agent_blocked/ 2024-12-01T12:40:32+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_malformed_ole/ 2024-11-25T22:58:08+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_knowbe4/ 2024-11-25T20:20:28+00:00 https://detection.fyi/tags/attack.g0093/ 2024-11-25T08:30:14+00:00 https://detection.fyi/tags/attack.t1212/ 2024-11-25T08:30:14+00:00 https://detection.fyi/tags/attack.t1622/ 2024-11-25T08:30:14+00:00 https://detection.fyi/tags/cve.2023-21746/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/gallium/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/gallium/proc_creation_win_apt_gallium_iocs/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_createminidump/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_gmer/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_handlekatz/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_impersonate/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_localpotato/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_pchunter/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_hktl_sharpevtmute/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_stracciatella_execution/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sysmoneop/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_uacme/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/create_stream_hash/create_stream_hash_hktl_generic_download/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/3cx-supply-chain/image_load_malware_3cx_compromise_susp_dll/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_mpiexec/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/3cx-supply-chain/proc_creation_win_malware_3cx_compromise_execution/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_frp/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_nimgrab/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_nps/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_process_hacker/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_system_informer/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_iox/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_netsupport_susp_exec/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_autoit/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_netsupport_rat/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_paexec/ 2024-11-25T08:30:14+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_app_role_added/ 2024-11-20T19:43:21+00:00 https://detection.fyi/sublime-security/sublime-rules/sender_new_from_domain_first_time_sender/ 2024-11-20T07:27:38+00:00 https://detection.fyi/sublime-security/sublime-rules/sender_ad_distinguished_name/ 2024-11-13T21:52:58+00:00 https://detection.fyi/tags/suspicious-sender/ 2024-11-13T21:52:58+00:00 https://detection.fyi/sublime-security/sublime-rules/shopify_infra_abuse/ 2024-11-13T20:55:07+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_python_reverse_shell/ 2024-11-04T11:15:00+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_python_pty_spawn/ 2024-11-04T11:15:00+00:00 https://detection.fyi/sigmahq/sigma/category/antivirus/av_hacktool/ 2024-11-04T10:45:07+00:00 https://detection.fyi/sigmahq/sigma/category/antivirus/av_password_dumper/ 2024-11-04T10:45:07+00:00 https://detection.fyi/sigmahq/sigma/category/antivirus/av_relevant_files/ 2024-11-04T10:45:07+00:00 https://detection.fyi/sigmahq/sigma/category/antivirus/av_webshell/ 2024-11-04T10:45:07+00:00 https://detection.fyi/sigmahq/sigma/network/dns/net_dns_pua_cryptocoin_mining_xmr/ 2024-11-04T10:32:02+00:00 https://detection.fyi/joesecurity/ 2024-11-04T08:32:05+00:00 https://detection.fyi/joesecurity/sigma-rules/pastesharingurlinreverseorder/ 2024-11-04T08:32:05+00:00 https://detection.fyi/joesecurity/sigma-rules/ 2024-11-04T08:32:05+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_runmru_susp_command_execution/ 2024-11-01T19:52:27+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_rdp_file_susp_creation/ 2024-11-01T09:47:36+00:00 https://detection.fyi/tags/attack.t1090.001/ 2024-11-01T09:21:04+00:00 https://detection.fyi/tags/attack.t1560/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dotnet_trace_lolbin_execution/ 2024-11-01T09:21:04+00:00 https://detection.fyi/tags/car.2019-04-004/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cloudflared_portable_execution/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cloudflared_quicktunnel_execution/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cloudflared_tunnel_cleanup/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cloudflared_tunnel_run/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_tar_compression/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_tar_extraction/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_forfiles_child_process_masquerading/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_edrsilencer/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_hktl_efspotato/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_tail_base64_decode_from_image/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_susp_direct_ntopenprocess_call/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_powershell_execution_policy/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_lsass_dump_generic/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_teams_suspicious_command_line_cred_access/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_cloudflared/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rar_susp_greedy_compression/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_recycle_bin_fake_execution/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_wordpad_uncommon_ports/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_ioreg_discovery/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_swvers_discovery/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_system_profiler_discovery/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_csrutil_disable/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_csrutil_status/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_tamper_windows_defender_set_mp/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_tamper_windows_defender_set_mp/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_uncommon_file_startup/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_system_info_uncommon/ 2024-11-01T09:21:04+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_dead_drop_resolvers/ 2024-10-25T14:32:03+00:00 https://detection.fyi/tags/attack.t1649/ 2024-10-08T20:37:23+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_certipy/ 2024-10-08T20:37:23+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_windows_defender_tamper/ 2024-10-08T20:07:45+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_lsass_default_dump_file_names/ 2024-10-08T19:57:25+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winget_add_susp_custom_source/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_imewbdld_download/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msedge_proxy_download/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_squirrel_download/ 2024-10-01T12:56:09+00:00 https://detection.fyi/tags/attack.t1518/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_eventlog/win_system_eventlog_cleared/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_non_exe_image/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_f5_tm_utility_bash_api_request/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_hktl_generic_access/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_winpwn/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_hktl_winpwn/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_eventlog/win_system_susp_eventlog_cleared/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/lace-tempest/proc_creation_win_apt_lace_tempest_cobalt_strike_download/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/lace-tempest/file_event_win_apt_lace_tempest_indicators/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/lace-tempest/proc_creation_win_apt_lace_tempest_loader_execution/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/lace-tempest/posh_ps_apt_lace_tempest_eraser_script/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/lace-tempest/posh_ps_apt_lace_tempest_malware_launcher/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/lace-tempest/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_rstrtmgr_suspicious_load/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_eventlog/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-46214/web_cve_2023_46214_rce_splunk_enterprise/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_excel_dcom_lateral_movement/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_ms_appinstaller_download/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_tampering/proc_tampering_susp_process_hollowing/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_electron_execution_proxy/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_lsass_susp_access_flag/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_decrypt_pattern/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_tampering/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/create_remote_thread_win_powershell_susp_targets/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msxsl_remote_execution/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_ime_suspicious_paths/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_ime_non_default_extension/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_unusual_parent/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_whoami_execution_from_high_priv_process/ 2024-10-01T12:56:09+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_whoami_output/ 2024-10-01T12:56:09+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/persistence_application_added_to_google_workspace_domain/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/defense_evasion_application_removed_from_blocklist_in_google_workspace/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/defense_evasion_domain_added_to_google_workspace_trusted_domains/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/initial_access_external_user_added_to_google_workspace_group/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/collection_google_drive_ownership_transferred_via_google_workspace/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/persistence_google_workspace_2sv_policy_disabled/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/persistence_google_workspace_admin_role_assigned_to_user/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/impact_google_workspace_admin_role_deletion/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/persistence_google_workspace_api_access_granted_via_dwd/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/defense_evasion_google_workspace_bitlocker_setting_disabled/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/persistence_google_workspace_custom_admin_role_created/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/collection_google_workspace_custom_gmail_route_created_or_modified/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/impact_google_workspace_mfa_enforcement_disabled/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/persistence_google_workspace_password_policy_modified/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/defense_evasion_restrictions_for_marketplace_modified_to_allow_any_app/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/persistence_google_workspace_role_modified/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/persistence_google_workspace_user_organizational_unit_changed/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/integrations/google_workspace/persistence_mfa_disabled_for_google_workspace_organization/ 2024-09-25T20:19:20+00:00 https://detection.fyi/elastic/detection-rules/cross-platform/execution_revershell_via_shell_cmd/ 2024-09-25T20:19:20+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_hktl_execution/ 2024-09-22T17:29:20+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_network_utilities_execution/ 2024-09-22T17:29:20+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/ 2024-09-22T17:14:26+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_windows_defender_exclusions_write_access/ 2024-09-22T17:14:26+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_real_time_protection_disabled/ 2024-09-22T17:14:26+00:00 https://detection.fyi/tags/attack.command_and_control/ 2024-09-21T00:11:31+00:00 https://detection.fyi/tsale/sigma_rules/threat-hunting-queries/proc_creation_windows_meshagent/ 2024-09-21T00:11:31+00:00 https://detection.fyi/tsale/sigma_rules/threat-hunting-queries/ 2024-09-21T00:11:31+00:00 https://detection.fyi/joesecurity/sigma-rules/searchforsntivirusprocess/ 2024-09-20T12:15:52+00:00 https://detection.fyi/sublime-security/sublime-rules/brand_impersonation_interac/ 2024-09-16T18:29:16+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/solarwinds-supply-chain/proc_creation_win_apt_unc2452_cmds/ 2024-09-13T09:17:23+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-41379/win_vul_cve_2021_41379/ 2024-09-13T09:14:11+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_sam_dump/ 2024-09-13T09:14:11+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_cicada3301_ransomware/ 2024-09-09T03:44:03+00:00 https://detection.fyi/tags/attack.t1578/ 2024-09-09T03:44:03+00:00 https://detection.fyi/tags/attack.t1578.003/ 2024-09-09T03:44:03+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_cicada3301_ransomware/file_creation_win_cicada_psexec/ 2024-09-09T03:44:03+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_cicada3301_ransomware/proc_creation_win_cicada3301_execution/ 2024-09-09T03:44:03+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_cicada3301_ransomware/proc_creation_win_hyperv_stopvm/ 2024-09-09T03:44:03+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_cicada3301_ransomware/proc_creation_win_iisreset_stop/ 2024-09-09T03:44:03+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_apt_shell_execution/ 2024-09-02T11:19:31+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_vim_shell_execution/ 2024-09-02T11:19:31+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_disable_bucket_versioning/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-44228/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-22954/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-20198/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-27363/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-43261/ 2024-09-02T08:01:36+00:00 https://detection.fyi/tags/cve.2021-44228/ 2024-09-02T08:01:36+00:00 https://detection.fyi/tags/cve.2022-22954/ 2024-09-02T08:01:36+00:00 https://detection.fyi/tags/cve.2023-27363/ 2024-09-02T08:01:36+00:00 https://detection.fyi/tags/cve.2023-43621/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/darkgate/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/darkgate/proc_creation_win_malware_darkgate_autoit3_from_susp_parent_and_location/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/darkgate/file_event_win_malware_darkgate_autoit3_binary_creation/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/darkgate/proc_creation_win_malware_darkgate_net_user_creation/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/diamond-sleet/dns_query_win_apt_diamond_steel_indicators/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/diamond-sleet/file_event_win_apt_diamond_sleet_indicators/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/diamond-sleet/proc_creation_win_apt_diamond_sleet_indicators/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/diamond-sleet/win_security_apt_diamond_sleet_scheduled_task/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/diamond-sleet/registry_event_apt_diamond_sleet_scheduled_task/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_set_enable_anonymous_connection/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-20198/cisco_syslog_cve_2023_20198_ios_xe_web_ui/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certoc_download_direct_ip/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_hktl_coercedpotato/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_obfuscated_ip_via_cli/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/okta-support-system-breach/okta_apt_suspicious_user_creation/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/okta-support-system-breach/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_onenote_embedded_script_execution/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/onyx-sleet/file_event_win_apt_onyx_sleet_indicators/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/onyx-sleet/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-44228/proc_creation_win_exploit_cve_2021_44228_vmware_horizon_log4j/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-22954/proc_creation_win_exploit_cve_2022_22954_vmware_workspace_one_rce/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-27363/file_event_win_cve_2023_27363_foxit_rce/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_hidden_dir_index_allocation/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_hidden_dir_index_allocation/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-43261/proxy_exploit_cve_2023_43261_milesight_information_disclosure/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-43261/web_exploit_cve_2023_43261_milesight_information_disclosure/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-34362-moveit-transfer-exploit/proc_creation_win_exploit_cve_2023_34362_moveit_transfer_exploitation_activity/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vscode_child_processes_anomalies/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_exec_from_trusted_locations/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_powershell_enablescripts_enabled/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_office_disable_python_security_warnings/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/screenconnect/win_app_remote_access_tools_screenconnect_command_exec/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/screenconnect/win_app_remote_access_tools_screenconnect_file_transfer/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_remote_access_tools_screenconnect_remote_file/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_vscode_tunnel_renamed_execution/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/screenconnect/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_get_process_security_software_discovery/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/ursnif/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/ursnif/proc_creation_win_malware_ursnif_cmd_redirection/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_vscode_tunnel_remote_creation_artefacts/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vscode_tunnel_service_install/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vscode_tunnel_remote_shell_/ 2024-09-02T08:01:36+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/firewall_as/win_firewall_as_delete_rule/ 2024-08-29T18:41:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_susp_system_network_discovery/ 2024-08-29T18:30:47+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-29072/ 2024-08-29T17:21:47+00:00 https://detection.fyi/tags/cve.2022-29072/ 2024-08-29T17:21:47+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_amsi_init_failed_bypass/ 2024-08-29T17:21:47+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-29072/proc_creation_win_exploit_cve_2022_29072_7zip/ 2024-08-29T17:21:47+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-34362-moveit-transfer-exploit/file_event_win_exploit_cve_2023_34362_moveit_transfer/ 2024-08-29T17:21:47+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_office_disable_python_security_warnings/ 2024-08-29T17:21:47+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sdiagnhost_susp_child/ 2024-08-29T17:21:47+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wusa_cab_files_extraction_from_susp_paths/ 2024-08-29T12:43:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_xwizard_runwizard_com_object_exec/ 2024-08-29T12:43:32+00:00 https://detection.fyi/tags/detection.threat-hunting/ 2024-08-29T12:43:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dxcap_arbitrary_binary_execution/ 2024-08-29T12:43:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_acccheckconsole_execution/ 2024-08-29T12:43:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sigverif_uncommon_child_process/ 2024-08-29T12:43:32+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wsl_windows_binaries_execution/ 2024-08-29T12:43:32+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_excessive_concatenation/ 2024-08-27T15:14:23+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_disable/ 2024-08-26T08:20:57+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/ 2024-08-16T18:57:17+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/proc_creation_windows_udl_exec/ 2024-08-16T18:57:17+00:00 https://detection.fyi/joesecurity/sigma-rules/capturewifipassword/ 2024-08-14T12:47:45+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2010/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2015/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_7zip_exfil_dmp_files/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_side_load_abused_dlls_susp_paths/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_hide_services_via_set_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_using_set_service_to_hide_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_print_remote_file_copy/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_admin_share_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_access_to_browser_login_data/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_account_lockout/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_get_adcomputer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_get_adgroup/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_csvde_export/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ldifde_export/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_anonymous_ip_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_activity_from_anonymous_ip_addresses/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_activity_from_infrequent_country/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_detection/microsoft365_from_susp_ip_addresses/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_activity_by_terminated_user/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_susp_ad_group_reco/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_ad_group_reco/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_ad_object_writedac_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_account_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_adcs_certificate_template_configuration_vulnerability/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_adcs_certificate_template_configuration_vulnerability_eku/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_aedebug_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_hangs_debugger_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winget_add_insecure_custom_source/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winget_add_custom_source/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_add_remove_computer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_add_windows_capability/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_add_windows_capability/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_app_owner_added/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_adfs_namedpipe_connection_uncommon_tool/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-40539/web_cve_2021_40539_adselfservice/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_adsi_cache_creation_by_uncommon_tool/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/adwind-rat/proc_creation_win_malware_adwind/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_mal_adwind/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/adwind-rat/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_agentexecutor_potential_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wbadmin_delete_all_backups/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_amsi_bypass_pattern_nov22/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_anomalous_token/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_anonymous_ip_address/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/product/apache/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/product/apache/web_apache_segfault/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-33891/web_cve_2022_33891_spark_shell_command_injection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/product/apache/web_apache_threading_error/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/apc-c-12/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_app_permissions_msft/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_app_privileged_permissions/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_uninstall_application/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_terminate_application/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/msiinstaller/win_builtin_remove_application/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_app_device_code_authentication/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/application_popup/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_app_ropc_authentication/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_appinstaller/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxpackaging_om/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/privatelog/image_load_usp_svchost_clfsw32/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/apt10/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/apt28/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/apt29-cozybear/proc_creation_win_apt_apt29_phishing_campaign_indicators/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/apt29-cozybear/file_event_win_apt_cozy_bear_phishing_campaign_indicators/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/apt29-cozybear/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_gup_arbitrary_binary_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_configsecuritypolicy_download_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_gfxdownloadwrapper_arbitrary_file_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msohtmed_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mspub_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_presentationhost_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_devinit_lolbin_usage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_aspnet_temp_files/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_cl_loadassembly/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-36804/web_cve_2022_36804_atlassian_bitbucket_command_injection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0004/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0007/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0022/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0030/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0035/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0045/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0047/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0050/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0060/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0080/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0091/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0115/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.g0129/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0039/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0040/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0081/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0108/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0246/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0349/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0363/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0402/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0482/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0508/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0575/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.s0592/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1001.003/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1010/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1014/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1021.005/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1027.004/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1027.009/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1036.006/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1037.005/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1048.001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1074.001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1091/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1095/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1110.002/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1114.001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1120/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1124/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1125/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1132.001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1136.002/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1137.002/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1137.003/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1199/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1200/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1216.001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1218.013/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1222/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1484/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1499.001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1499.004/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1525/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1539/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1542.001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1542.003/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1546.013/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1546.014/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1553.001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1555.001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1555.005/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1559/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1559.001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1559.002/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1562.010/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1563.002/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1565/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1568.002/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1588.001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1590.002/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1593.003/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/attack.t1606/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_atypical_travel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_audio_capture/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_soundrecorder_audio_capture/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/microsoft-windows_audit_cve/win_audit_cve/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_auditpol_susp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_auditpol_nt_resource_kit_usage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_get_childitem_bookmarks/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_automated_collection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_automated_collection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winrm_awl_bypass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_winrm_awl_bypass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_ec2_disable_encryption/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_ec2_startup_script_change/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_ec2_vm_export_failure/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_ecs_task_definition_cred_endpoint_query/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_efs_fileshare_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_efs_fileshare_mount_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_eks_cluster_created_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_elasticache_security_group_created/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_elasticache_security_group_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_passed_role_to_glue_development_endpoint/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_guardduty_disruption/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_rds_change_master_password/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_s3_data_management_tampering/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_snapshot_backup_exfiltration/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_aadhybridhealth_adfs_new_server/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_aadhybridhealth_adfs_service_delete/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_leaked_credentials/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_aadhealth_mon_agent_regkey_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_aadhealth_svc_agent_regkey_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_threat_intel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_application_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_application_gateway_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_application_security_group_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_device_no_longer_managed_or_compliant/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_device_or_configuration_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_dns_zone_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_firewall_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_firewall_rule_collection_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_network_firewall_rule_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_keyvault_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_keyvault_key_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_keyvault_secrets_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_kubernetes_cronjob/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_kubernetes_events_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_kubernetes_pods_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_network_firewall_policy_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_network_security_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_new_cloudshell_created/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_owner_removed_from_application_or_service_principal/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_network_p2s_vpn_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_service_principal_created/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_service_principal_removed/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_suppression_rule_created/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_network_virtual_device_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_virtual_network_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/activity_logs/azure_vpn_connection_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/babyshark/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/microsoft_windows_backup/win_susp_backup_delete/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_bad_opsec_artifacts/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_inline_base64_mz_header/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_bash_interactive_shell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/bear-apt-activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_binary_padding/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/bits_client/win_bits_client_new_transfer_via_ip_address/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/bits_client/win_bits_client_new_trasnfer_susp_local_folder/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/bits_client/win_bits_client_new_transfer_saving_susp_extensions/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_bitsadmin_susp_ip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/bluesky-ransomware/win_security_malware_bluesky_ransomware_files_indicators/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/bluesky-ransomware/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_bpftrace_unsafe_option_usage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/bumblebee/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_wsreset/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ilasm_il_code_compilation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/capi2/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/car.2013-01-002/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/car.2013-02-003/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/car.2013-03-001/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/car.2013-10-002/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/car.2014-04-003/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/car.2014-11-003/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/car.2014-11-008/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/car.2016-03-002/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/certificate_services_client_lifecycle_system/win_certificateservicesclient_lifecycle_system_cert_exported/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_export_certificate/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_export_certificate/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/capi2/win_capi2_acquire_certificate_private_key/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/msexchange/win_exchange_proxyshell_certificate_generation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/certificate_services_client_lifecycle_system/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_set_policies_to_unsecure_level/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_ad_device_registration_policy_changes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_chmod_directories/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_clear_logs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_collect_data/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_crypto_actions/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/cisco/aaa/cisco_cli_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/clamav/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_clear_logs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_clearing_windows_console_history/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/firewall/net_firewall_cleartext_protocols/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_clipboard_collection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_office_dotnet_clr_dll_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_no_space_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_cmstp_execution_by_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/dns/net_dns_mal_cobaltstrike/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_cobaltstrike_load_by_rundll32/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_hktl_cobaltstrike/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_hktl_cobaltstrike_re/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_hktl_cobaltstrike_susp_pipe_patterns/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_office_comobject_registerxll/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_pcwutl/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/code_integrity/win_codeintegrity_revoked_image_blocked/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/code_integrity/win_codeintegrity_blocked_protected_process_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/code_integrity/win_codeintegrity_revoked_image_loaded/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/code_integrity/win_codeintegrity_revoked_driver_loaded/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/code_integrity/win_codeintegrity_whql_failure/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/code_integrity/win_codeintegrity_unsigned_image_loaded/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/code_integrity/win_codeintegrity_unsigned_driver_loaded/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/coldsteel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/coldsteel/win_system_malware_coldsteel_persistence_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/coldsteel/proc_creation_win_malware_coldsteel_anonymous_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/coldsteel/proc_creation_win_malware_coldsteel_cleanup/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/coldsteel/proc_creation_win_malware_coldsteel_service_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_clear_syslog/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/network_connection/net_connection_lnx_ngrok_tunnel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_ngrok_tunnel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_susp_malware_callback_ports_uncommon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_7zip_password_compression/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winzip_password_compression/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_computer_discovery_get_adcomputer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_computer_discovery_get_adcomputer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ksetup_password_change_computer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_computersystem/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-3398/web_cve_2019_3398_confluence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_conhost_path_traversal/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_container_residence_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/conti/proc_creation_win_malware_conti_7zip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_cmdline_convertto_securestring/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_copy_dmp_from_share/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_shadowcopy_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_cp_passwd_or_shadow_tmp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_diagcab/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_create_account/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/create_stream_hash/create_stream_hash_creation_internet_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_lsass_python_based_tool/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_lsass_werfault/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_mal_creddumper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_mal_creddumper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_creds_from_keychain/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_find_cred_in_files/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_kernel_general/win_system_susp_critical_hive_location_access_bits_cleared/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_crontab_enumeration/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_csc_susp_parent/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wscript_cscript_uncommon_extension_exec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_csexec_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_csexecsvc/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_curl_usage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_custom_file_open_handler_powershell_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2010/exploits/cve-2010-5278/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2010/exploits/cve-2010-5278/web_cve_2010_5278_exploitation_attempt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2015/exploits/cve-2015-1641/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/exploits/cve-2017-0261/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/exploits/cve-2017-8759/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/exploits/cve-2019-3398/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-0688/web_cve_2020_0688_exchange_exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-0688/win_vul_cve_2020_0688/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-10148/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-10148/web_cve_2020_10148_solarwinds_exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-10189/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-1350/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-1675/win_security_exploit_cve_2021_1675_printspooler_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-21972/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-21972/web_cve_2021_21972_vsphere_unauth_rce_exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-21978/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-21978/web_cve_2021_21978_vmware_view_planner_exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-22005/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-22893/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-26084/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-26857/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-27905/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-28480/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-33766/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-33766/web_cve_2021_33766_msexchange_proxytoken/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-35211/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-40444/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-41773/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-41773/web_cve_2021_41773_apache_path_traversal/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-42237/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-44077/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-44077/file_event_win_cve_2021_44077_poc_default_files/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-21554/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-21587/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-26809/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-27925/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-31656/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-31656/web_cve_2022_31656_auth_bypass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-31659/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-31659/web_cve_2022_31659_vmware_rce/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-36804/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-44877/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-46169/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-2283/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-23397/win_security_exploit_cve_2023_23397_outlook_remote_file_query/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-25157/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-25717/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36884/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-38831/file_event_win_exploit_cve_2023_38331_winrar_susp_double_ext/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-40477/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-40477/file_event_win_exploit_cve_2023_40477_winrar_rev_file_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-40477/win_application_exploit_cve_2023_40477_winrar_crash/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2010-5278/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2015-1641/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2017-0261/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2017-5638/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2017-8759/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2019-3398/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2020-10148/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2020-10189/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2020-1350/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-21972/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-22005/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-22893/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-26084/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-26857/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-27905/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-28480/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-33766/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-35211/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-36934/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-40444/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-41773/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-42237/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2021-44077/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2022-21587/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2022-26809/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2022-27925/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2022-31656/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2022-31659/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2022-36804/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2022-44877/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2022-46169/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2023-21554/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2023-2283/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2023-25157/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2023-25717/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2023-36884/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/cve.2023-40477/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/darkside/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/darkside/proc_creation_win_malware_darkside_ransomware/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_data_exfiltration_to_unsanctioned_app/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_dce_rpc_smb_spoolss_named_pipe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_dcom_iertutil_dll_hijack/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_dd_file_overwrite/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_base64_decode/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_base64_decode/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_app_delegated_permissions_all_users/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_delete_all/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_delete/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_delete_volume_shadow_copies/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_shadowcopy_deletion/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_software_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_software_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mssql_sqlps_susp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_device_installation_blocked/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/devil-bait/proxy_malware_devil_bait_c2_communication/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_devtoolslauncher/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/diagnosis/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_sdiageng_load_by_msdt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_diagtrack_eop_default_login_username/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_directorysearcher/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disabled_exploit_guard_net_protection_on_ms_defender/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_macroruntimescanscope/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_etw_trace_evasion/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_services_stop_and_disable/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_disable_psreadline_command_history/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_privacy_settings_experience/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disabled_pua_protection_on_microsoft_defender/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_disable_security_tools/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disabled_tamper_protection_on_microsoft_defender/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_disable_defender_av_security_monitoring/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_windows_firewall/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_iis_appcmd_http_logging/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_disable_windows_optional_feature/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_disable_ie_features/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_volsnap_disable/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disabled_microsoft_defender_eventlog/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_security_tools_disabling/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/syslog/lnx_syslog_security_tools_disabling_syslog/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_time_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_ad_azurehound_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/django/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/django/appframework_django_exceptions/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_rasautou_dll_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_susp_dll_load_system_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_cmstp_load_dll_from_susp_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dns_exfiltration_tools_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_hybridconnectionmgr_servicebus/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/dns_client/win_dns_client_anonymfiles_com/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_anonymfiles_com/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_regsvr32_dns_query/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_mega_nz/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/dns_client/win_dns_client_mega_nz/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_ufile_io_query/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/dns_client/win_dns_client_ufile_io/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-1350/proc_creation_win_exploit_cve_2020_1350/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_dns_server_discovery_via_ldap_query/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/dns/net_dns_susp_txt_exec_strings/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_dockerenv_recon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_office_dotnet_assembly_dll_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_wget_download_suspicious_directory/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_dpapi_domain_backupkey_extraction/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/dragonfly/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/dridex/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/driver_load/driver_load_win_susp_temp_use/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_odbcconf_driver_install/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/driverframeworks/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_spool_drivers_color_drop/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_dump_password_windows_credential_manager/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/esent/win_esent_ntdsutil_abuse_susp_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_dumping_sensitive_hives/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_susp_sqldumper_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_dumpstack_log_evasion/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_csc_susp_dynamic_compilation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_csharp_compile_artefact/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/malware/elise-backdoor/proc_creation_win_malware_elise/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/malware/elise-backdoor/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_email_exfil/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/emotet/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/empiremonkey/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_bpf_kprob_tracing_enabled/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_winget_enable_local_manifest/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_office_enable_dde/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_enable_psremoting/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_enabling_cor_profiler_env_variables/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_app_end_user_consent/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/audit_logs/azure_app_end_user_consent_blocked/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_enumerate_password_windows_credential_manager/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_enumeration_for_credentials_in_registry/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/equationgroup/proc_creation_win_apt_equationgroup_dll_u_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_apt_equationgroup_lnx/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/equationgroup/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/equationgroup/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/esent/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_esentutl_volume_shadow_copy_service_keys/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_etw_modification_cmdline/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_etw_trace_evasion/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_delete_event_log_files/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/evilnum/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/evilnum/proc_creation_win_apt_evilnum_jul20/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/exchange/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-28480/web_cve_2021_28480_exchange_exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/hafnium/web_exchange_exploitation_hafnium/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_delete_exchange_powershell_logs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_snapins_hafnium/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/msexchange/win_exchange_set_oabvirtualdirectory_externalurl/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_http_executable_download_from_webdav/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_pester_1/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_pester/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_alternate_data_streams/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_command_remote/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_pcwrun_follina/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_wab_dllpath_reg_change/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_image_missing/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_shell_script_exec_from_susp_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_stordiag_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_workfolders/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2015/exploits/cve-2015-1641/proc_creation_win_exploit_cve_2015_1641/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/exploits/cve-2017-0261/proc_creation_win_exploit_cve_2017_0261/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/exploits/cve-2017-8759/proc_creation_win_exploit_cve_2017_8759/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-10189/proc_creation_win_exploit_cve_2020_10189/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2010/exploits/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2015/exploits/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_external_device/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_extracting/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/dns_server/win_dns_server_failed_dns_zone_transfer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_file_and_directory_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_gpg4win_decryption/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_file_deletion/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ieexec_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_gup_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_protocolhandler_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certoc_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_installutil_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mpcmdrun_download_arbitrary_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_gpg4win_encryption/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_gpg4win_susp_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_change_file_time_attr/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/file_event/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_rename/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rar_compress_data/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/fin7/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_findstr_lnk/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/firewall/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_fw_disable/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_fw_set_rule/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_lm_namedpipe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_smb_converted_win_lm_namedpipe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_susp_flash_download_loc/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_iptables_flush_ufw/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/foggyweb/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/foggyweb/image_load_malware_foggyweb_nobelium/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_zip_compress/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_delete/registry_delete_exploit_guard_protected_folders/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_fsutil_drive_enumeration/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_fsutil_usage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_uac_bypass_editionupgrademanagerobj/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_office_dotnet_gac_dll_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/gallium/win_dns_analytic_apt_gallium/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_xattr_gatekeeper_bypass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_lolbin_gather_network_info_script_output/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_as_rep_roasting/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/goofy-guineapig/file_event_win_malware_goofy_guineapig_file_indicators/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/goofy-guineapig/proxy_malware_goofy_gunieapig_c2_communication/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/goofy-guineapig/win_system_malware_goofy_guineapig_service_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/goofy-guineapig/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_dns_zone_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_firewall_rule_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_kubernetes_cronjob/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_kubernetes_rolebinding/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_kubernetes_secrets_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_dlp_re_identifies_sensitive_information/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_service_account_disabled_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_service_account_modified/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_sql_database_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_bucket_enumeration/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_bucket_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_vpn_tunnel_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/audit/gcp_full_network_traffic_packet_capture/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/gworkspace/gcp_gworkspace_application_removed/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/gworkspace/gcp_gworkspace_mfa_disabled/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/gworkspace/gcp_gworkspace_role_modified_or_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/gcp/gworkspace/gcp_gworkspace_role_privilege_deleted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_gpscript/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_del_greedy_deletion/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/greenbug/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/greenbug/proc_creation_win_apt_greenbug_may20/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/griffon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/griffon/proc_creation_win_malware_griffon_patterns/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_groupdel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_whoami_groups_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/guacamole/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/guacamole/lnx_guacamole_susp_guacamole/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_decode_gzip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_hktl_baby_shark_default_agent_url/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_bloodhound_sharphound/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_certify/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_hktl_cobaltstrike_bof_injection_pattern/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_hktl_cobalt_strike_malleable_c2_requests/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_covenant/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_crackmapexec_patterns/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_hktl_generic_cred_dump_tools_pipes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_powersploit_empire_default_schtasks/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_hktl_diagtrack_eop/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_hktl_dumpert/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_empire_powershell_launch/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_hktl_empire_ua_uri_patterns/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_c3_rundll32_pattern/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_hashcat/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_htran_or_natbypass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_hydra/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_inveigh/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_jlaive_batch_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_krbrelay/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_mimikatz_command_line/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_hktl_mimikatz_files/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_hktl_nppspy/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_powertool/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_hktl_powerup_dllhijacking/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_purplesharp_indicators/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_pypykatz/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_quarks_pwdump/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_hktl_quarkspw_filedump/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_redmimicry_winnti_playbook/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_hktl_safetykatz/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_safetykatz/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_secutyxploded/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharp_chisel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharpevtmute/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharp_impersonation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharp_ldap_monitor/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sharpldapwhoami/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_hktl_silenttrinity_stager/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_silenttrinity_stager/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sliver_c2_execution_pattern/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_hktl_hivenightmare_file_exports/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_evil_winrm/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_wmiexec_default_powershell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_hacktools/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/hancitor/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_csproduct/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_wifi_credential_harvesting/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/hermetic-wiper/proc_creation_win_malware_hermetic_wiper_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/hermetic-wiper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/create_stream_hash/create_stream_hash_ads_executable/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_hidden_user_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_embed_exe_lnk/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_create_hidden_account/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_hide_scheduled_task_via_index_tamper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_attrib_hiding_files/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_history_delete/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hh_html_help_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_empty/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_hybridconnectionmgr_svc_installation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_hybridconnectionmgr_svc_installation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/servicebus/win_hybridconnectionmgr_svc_running/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/icedid/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/icedid/proc_creation_win_malware_icedid_rundll32_dllregisterserver/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_ie_security_zone_protocol_defaults_downgrade/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_ie_security_zone_protocol_defaults_downgrade/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_ie4uinit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_imagingdevices_unusual_parents/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_impacket_psexec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ldifde_file_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_import_module_susp_dirs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_import_module_susp_dirs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/taskscheduler/win_taskscheduler_susp_schtasks_delete/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_scheduled_task_delete_or_disable/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_terminated_unexpectedly/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_terminated_error_important/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_impossible_travel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_clear_system_logs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bash_file_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bash_command_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_security_group_change_ingress_egress/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winget_local_install_via_manifest/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_install_root_certificate/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_interactive_bash/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ntdsutil_usage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_invoke_obfuscation_clip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_clip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_clip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_invoke_obfuscation_clip_services_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_invoke_obfuscation_clip_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_invoke_obfuscation_via_compress/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_compress/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_compress/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_invoke_obfuscation_via_compress_services_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_invoke_obfuscation_via_compress_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_invoke_obfuscation_obfuscated_iex_commandline/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_obfuscated_iex/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_obfuscated_iex/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_invoke_obfuscation_obfuscated_iex_services_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_invoke_obfuscation_obfuscated_iex_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_rundll/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_rundll/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_invoke_obfuscation_via_rundll_services_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_invoke_obfuscation_via_rundll_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_invoke_obfuscation_stdin/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_stdin/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_stdin/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_invoke_obfuscation_stdin_services_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_invoke_obfuscation_stdin_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_invoke_obfuscation_var/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_var/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_var/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_invoke_obfuscation_var_services_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_invoke_obfuscation_var_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_invoke_obfuscation_via_var/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_var/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_var/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_invoke_obfuscation_via_var_services_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_invoke_obfuscation_via_var_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_invoke_obfuscation_via_stdin/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_stdin/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_stdin/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_invoke_obfuscation_via_stdin_services_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_invoke_obfuscation_via_stdin_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_invoke_obfuscation_via_use_clip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_use_clip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_use_clip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_invoke_obfuscation_via_use_clip_services_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_invoke_obfuscation_via_use_clip_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_invoke_obfuscation_via_use_mhsta/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_use_mhsta/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_use_mhsta/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_invoke_obfuscation_via_use_mshta_services_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_invoke_obfuscation_via_use_mshta_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_use_rundll32/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_use_rundll32/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_invoke_obfuscation_via_use_rundll32_services_security/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_invoke_obfuscation_via_use_rundll32_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_iso_mount/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_iso_file_recent/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_jamf_usage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_jamf_susp_child/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_java_payload_in_access_logs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_jndi_exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_jsc_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/jvm/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/kaseya-supply-chain/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_kavremover_uncommon_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/ke3chang-tidepool/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_kerberos_manipulation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_susp_kerberos_rc4/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_launch_vsdevshell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/lazarus/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/lazarus/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/lazarus/proc_creation_win_apt_lazarus_group_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/lazarus/proc_creation_win_apt_lazarus_binary_masquerading/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_legitimate_app_dropping_archive/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_legitimate_app_dropping_exe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_legitimate_app_dropping_script/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_base64_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_base64_shebang_cli/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_shell_clear_cmd_history/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_crypto_mining/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/network_connection/net_connection_lnx_crypto_mining_indicators/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_remove_package/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_recon_indicators/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_remote_system_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/network_connection/net_connection_lnx_back_connect_shell_dev/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_pipe_shell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_webshell_detection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_sysinternals_livekd_driver/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_sysinternals_livekd_driver_susp_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_sysinternals_livekd_default_dump_name/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_security_group_change_loadbalancer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/diagnosis/scripted/win_diagnosis_scripted_load_remote_diagcab/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_local_groups/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_group/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_wscript_cscript_local_connection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_local_account/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_user_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_workstation_was_locked/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/lockergoga/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/lockergoga/proc_creation_win_malware_lockergoga_ransomware/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-44228/web_cve_2021_44228_log4j/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-44228/web_cve_2021_44228_log4j_fields/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ksetup_password_change_user/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_lolbin_onedrivestandaloneupdater/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_lolbin_exec_from_non_c_drive/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_runexehelper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_lsa_ppl_protection_disabled/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/lsa_server/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/lsasrv/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_asr_lsass_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_lsass_access_non_system_account/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_lsass_whitelisted_process_names/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_lsass_dmp_cli_keywords/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_lsass_usermode_dumping/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_lsass_dump_keyword_image/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_lsass_dump_comsvcs_dll/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_lsass_shtinkering/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/file_event/file_event_macos_emond_launch_daemon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_network_service_scanning/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_remote_system_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_applescript/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/msexchange/win_exchange_proxyshell_mailbox_export/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_base64_hidden_flag/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_malicious_ip_address/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_malicious_ip_address_suspicious/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_susp_malicious_namedpipes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_nishang_malicious_commandlets/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_use_of_vsjitdebugger_bin/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_malicious_keywords/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_shellintel_malicious_commandlets/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_use_of_te_bin/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/malware/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/hancitor/proc_access_win_malware_verclsid_shellcode/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_malware/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_directoryservices_accountmanagement/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_mavinject_process_injection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/ta/mercury/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/ta/mercury/proc_creation_win_apt_mercury/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_metasploit_authentication/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_potential_ransomware_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_unusual_volume_of_file_deletion/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_user_restricted_from_sending_email/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_tamper_protection_trigger/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_office_excel_xll_susp_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_iis_connection_strings_decryption/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_iis_appcmd_service_account_password_dumped/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/windows_error_reporting/win_application_msmpeng_crash_wer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_office_disable_protected_view_features/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_office_outlook_outlvba_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/microsoft_windows_backup/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_kernel_general/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_ntfs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_windows_update_client/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/microsoft-windows_audit_cve/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_dcsync/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/win_alert_mimikatz_keywords/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/mint-sandstorm/proc_creation_win_apt_mint_sandstorm_log4j_wstomcat_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_modify_group_policy_settings/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_modify_group_policy_settings/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_moriya_rootkit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/moriya-rootkit/file_event_win_moriya_rootkit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/moriya-rootkit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_mshtml_runhtmlapplication/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/msiinstaller/win_msi_install_from_susp_locations/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msiexec_web_install/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/mssqlserver/win_mssql_add_sysadmin_account/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/mssqlserver/win_mssql_disable_audit_settings/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/mssqlserver/win_mssql_sp_procoption_set/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/mssqlserver/win_mssql_xp_cmdshell_change/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/mssqlserver/win_mssql_xp_cmdshell_audit_log/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msxsl_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/muddywater/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/mustangpanda/proc_creation_win_apt_mustangpanda/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/mustang-panda-australia-campaign/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/mustangpanda/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_mkfifo_named_pipe_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_webclient_casing/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_powercat/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_fw_enable_group_rule/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_netsupport_manager/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_crypto_mining_pools/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_addinutil_initiated/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_eqnedt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_imewdbld/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_regsvr32_network_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_nslookup_domain_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_network_sniffing/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_new_application_appcompat/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/bits_client/win_bits_client_new_job_via_bitsadmin/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/bits_client/win_bits_client_new_job_via_powershell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_new_coutry_region/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_odbcconf_register_dll_regsvr/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/exchange/microsoft365_new_federated_domain_added_exchange/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_file_association_exefile/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_fw_add_rule/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_packet_capture/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_odbc_driver_registered/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_new_or_renamed_user_account_with_dollar_sign/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_port_forwarding/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_portproxy_registry_key/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_powershell_execution_pipe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_taskmgr_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_process_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certmgr_certificate_installation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_install_root_or_ca_certificat/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_create_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_user_add/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_user_add_never_expire/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_tpmvscmgr_add_virtual_smartcard/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/product/nginx/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/product/nginx/web_nginx_core_dump/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/terminalservices/win_terminalservices_rdp_ngrok/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_nltest_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/nodejs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_nohup/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/notpetya/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/notpetya/proc_creation_win_malware_notpetya/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_nslookup_poweshell_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_ntdllpipe_redirect/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_ntds_exfil_tools/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_ntds_dit_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_ntds_dit_uncommon_parent_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_ntds_dit_uncommon_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/esent/win_esent_ntdsutil_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/ntfs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_ntfs_ads_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/ntfs/win_system_ntfs_vuln_exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/ntlm/win_susp_ntlm_brute_force/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/lsasrv/win_system_lsasrv_ntlmv1/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_odbcconf_exec_susp_locations/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_office_test_regadd/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_macro_files_created/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_macro_files_from_susp_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_tls_protocol_old_version_enabled/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_omigod_scx_runasprovider_executescript/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_omigod_scx_runasprovider_executeshellcommand/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_onenote_files_in_susp_locations/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/openssh/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/openssh/win_sshd_openssh_server_listening_on_socket/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_openwith/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_cobaltstrike_bloopers_cmd/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_cobaltstrike_bloopers_modules/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_grep_os_arch_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_suspicious_applet_behaviour/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_cmstp_initiated_connection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_wscript_cscript_outbound_connection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_winlogon_net_connections/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_rdp_outbound_over_non_standard_tools/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_susp_logon_newcredentials/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-23397/registry_set_exploit_cve_2023_23397_outlook_reminder_trigger/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-41082/web_cve_2022_36804_exchange_owassrf_poc_exploitation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_paexec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/papercut-print-management-exploitation/proc_creation_win_papercut_print_management_exploitation_indicators/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_lsass_dump/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/create_remote_thread_win_susp_password_dumper_lsass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_get_addefaultdomainpasswordpolicy/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_password_policy_enumerated/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_opened_encrypted_zip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_opened_encrypted_zip_outlook/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_opened_encrypted_zip_filename/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_use_password_plaintext/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_password_spray/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_modify_screensaver_binary_path/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_path_traversal_exploitation_attempt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_payload_decoded_and_decrypted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_pcre_dotnet_dll_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_pcre_net_temp_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pdqdeploy_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_perl_inline_command_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disk_cleanup_handler_autorun_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_hhctrl_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_sip_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_typed_paths_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_archiver_iso_phishing/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_php_inline_command_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_impacket_secretdump/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_smb_converted_win_impacket_secretdump/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_petitpotam_network_share/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_access_token_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_active_directory_module_dll_import/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_active_directory_module_dll_import/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_active_directory_module_dll_import/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_ad_user_enumeration/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_amsi_null_bits_bypass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_amsi_null_bits_bypass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_amsi_com_hijack/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dnx_execute_csharp_code/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/fin7/posh_ps_apt_fin7_powerhold/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/fin7/proc_creation_win_apt_fin7_powertrash_lateral_movement/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/fin7/file_event_win_apt_fin7_powershell_scripts_naming_convention/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/mustang-panda-australia-campaign/proc_creation_win_apt_mustang_panda_indicators/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/apc-c-12/proc_creation_win_apt_aptc12_bluemushroom/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/apt10/proc_creation_win_apt_apt10_cloud_hopper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_node_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_winword_dll_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_arbitrary_cli_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmdl32_arbitrary_file_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-26084/proc_creation_win_exploit_cve_2021_26084_atlassian_confluence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_policies_associations_tamper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_policies_attachments_tamper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/babyshark/proc_creation_win_malware_babyshark/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_susp_base64/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cdb_arbitrary_command_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vsdiagnostics_execution_proxy/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/bumblebee/create_remote_thread_win_malware_bumblebee/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-44877/web_cve_2022_44877_exploitation_attempt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_cobaltstrike_process_patterns/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/coldsteel/file_event_win_malware_coldsteel_service_dll_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/coldsteel/image_load_malware_coldsteel_persistence_service_dll/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/coldsteel/file_event_win_malware_coldsteel_renamed_cmd/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/coldsteel/registry_set_malware_coldsteel_created_users/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_download_com_cradles/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_download_com_cradles/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_commandline_path_traversal_evasion/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_cli_obfuscation_escape_char/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_path_traversal/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/3cx-supply-chain/dns_query_win_malware_3cx_compromise/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/3cx-supply-chain/net_connection_win_malware_3cx_compromise_beaconing_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/3cx-supply-chain/proxy_malware_3cx_compromise_c2_beacon_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/3cx-supply-chain/proxy_malware_3cx_compromise_susp_ico_requests/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/3cx-supply-chain/proc_creation_win_malware_3cx_compromise_susp_update/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_query_registry/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/conti/proc_creation_win_malware_conti_ransomware_commands/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/conti/proc_creation_win_malware_conti_ransomware_database_dump/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_new_network_provider/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_new_network_provider/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/create_remote_thread_win_powershell_lsass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lsass_process_clone/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_silentprocessexit_lsass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_werfault_lsass_shtinkering/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_crypto_mining_monero/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-26857/proc_creation_win_exploit_cve_2021_26857_msexchange/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-27905/web_cve_2021_27905_apache_solr_exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-40444/proc_creation_win_exploit_cve_2021_40444/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-21587/web_cve_2022_21587_oracle_ebs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-26809/proc_creation_win_exploit_cve_2022_26809_rpcss_child_process_anomaly/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-46169/web_cve_2022_46169_cacti_exploitation_attempt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-21554/proc_creation_win_exploit_cve_2023_21554_queuejumper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-2283/lnx_sshd_exploit_cve_2023_2283_libssh_authentication_bypass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-25157/web_cve_2023_25157_geoserver_sql_injection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-25717/web_cve_2023_25717_ruckus_wireless_admin_exploit_attempt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36874/proc_creation_win_exploit_cve_2023_36874_fake_wermgr/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36874/file_event_win_exploit_cve_2023_36874_report_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36884/proxy_exploit_cve_2023_36884_office_windows_html_rce_traffic/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36884/win_security_exploit_cve_2023_36884_office_windows_html_rce_share_access_pattern/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36884/proxy_exploit_cve_2023_36884_office_windows_html_rce_url_marker_traffic/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36884/file_event_win_exploit_cve_2023_36884_office_windows_html_rce_file_patterns/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36884/proxy_exploit_cve_2023_36884_office_windows_html_rce/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-36884/proxy_exploit_cve_2023_36884_office_windows_html_rce_extenstion_ip_pattern_traffic/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_audio_exfiltration/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_dcom_iertutil_dll_hijack/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_iexplore_dcom_iertutil_dll_hijack/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/devil-bait/file_event_win_malware_devil_bait_script_drop/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_find_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_susp_find_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_dosfuscation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_type_arbitrary_file_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/malware/dridex/proc_creation_win_malware_dridex/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/emotet/proc_creation_win_malware_emotet_rundll32_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/empiremonkey/proc_creation_win_apt_empiremonkey/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_encoding_patterns/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/snake/registry_set_malware_snake_encrypted_key/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_evtx_file_key_tamper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-40444/proc_creation_win_exploit_cve_2021_40444_office_directory_traversal/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hxtsr_masquerading/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_malware_gobrat_grep_payload_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/goofy-guineapig/proc_creation_win_malware_goofy_guineapig_broken_cmd/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/goofy-guineapig/proc_creation_win_malware_goofy_guineapig_googleupdate_uncommon_child_instance/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_homoglyph_cyrillic_lookalikes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_homoglyph_filename/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_susp_in_memory_download_and_compile/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_dotnet_assembly_from_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_potential_invoke_mimikatz/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/jvm/java_jndi_injection_exploitation_attempt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/ke3chang-tidepool/proc_creation_win_malware_ke3chang_tidepool/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_keylogger_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mshta_lethalhta_technique/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/jvm/java_local_file_read/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_manage_bde/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_livekd_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mftrace_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_offlinescannershell_mpclient_sideloading/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msiexec_masquerading/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mstsc_rdp_hijack_shadowing/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/muddywater/proc_creation_win_apt_muddywater_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_netcat_reverse_shell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_network_sniffing/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/jvm/java_ognl_injection_exploitation_attempt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/equationgroup/net_dns_apt_equation_group_triangulation_c2_coms/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/equationgroup/proxy_apt_equation_group_triangulation_c2_coms/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-41082/web_cve_2022_36804_exchange_owassrf_exploitation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dsacls_password_spray/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_perl_reverse_shell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_errorhandler_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_autodial_dll/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_chm/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_natural_language/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_event_viewer_events_asp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_xll/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_globalflags/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_lsa_extension/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_addin_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_startup_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_mpnotify/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_helper_dll_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_outlook_newform/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_user_profile_tampering/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_ace_tampering/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_typed_paths/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vmware_toolbox_cmd_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_php_reverse_shell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_cmdline_special_characters/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_downgrade_attack/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_set_unsecure_powershell_policy/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_powershell_execution_via_dll/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_alias_obfscuation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_cmdline_reversed_strings/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_reverse_shell_connection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/fin7/posh_ps_apt_fin7_powertrash_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_system32_local_folder_privilege_escalation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_cl_invocation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_provlaunch_provisioning_command/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_provisioning_command_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_provlaunch_potential_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/qakbot/proc_creation_win_malware_qakbot_rundll32_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_legalnotice_susp_message/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bcdedit_susp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/malware/raspberry-robin/proc_creation_win_malware_raspberry_robin_single_dot_ending_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/nodejs/nodejs_rce_exploitation_attempt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_plink_susp_tunneling/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ssh_rdp_tunneling/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_nltest_recon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_gather_network_info/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_werfault_reflect_debugger_exec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolscript_register_app/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_remote_desktop_tunneling/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_susp_remote_powershell_session/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_remotefxvgpudisablement_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_remotefxvgpudisablement_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_remotefxvgpudisablement_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_rundll32_dllregisterserver/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_ruby_reverse_shell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_ads_stored_dll_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2019/ta/bear-apt-activity/proc_creation_win_apt_bear_activity_gtr19/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_cl_mutexverifiers/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/velocity/velocity_ssti_injection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_shelldispatch_potential_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sdbinst_shim_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_systemsettingsadminflows_turn_on_dev_features/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_turn_on_dev_features/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/snake/proc_creation_win_malware_snake_installer_exec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/snake/proc_creation_win_malware_snake_installer_cli_args/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/snake/proc_creation_win_malware_snake_service_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/spring/spring_spel_injection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_setspn_spn_enumeration/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_potential_susp_ebpf_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_sensitive_file_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mofcomp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_keywords/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_powershell_module_susp_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_enable_susp_windows_optional_feature/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_enable_susp_windows_optional_feature/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/create_stream_hash/create_stream_hash_winget_susp_package_source/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/systemnightmare-exploit/proc_creation_win_exploit_other_systemnightmare/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_uninstall_security_products/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_unquoted_service_search/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_webshell_creation_detect/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_win_api_susp_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dump64_defender_av_bypass_rename/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_redmimicry_winnti_filedrop/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_wizardupdate_malware_infection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmiprvse_spawns_powershell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_xterm_reverse_shell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/jvm/java_xxe_exploitation_attempt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dsacls_abuse_permissions/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_nteventlogfile_usage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_win32_nteventlogfile_usage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dfsvc_suspicious_child_processes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_diskshadow_child_process_susp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regsvr32_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winrar_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_odbcconf_register_dll_regsvr_susp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_eventvwr_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_execution_from_public_folder_as_parent/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pdqdeploy_runner_susp_children/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regasm_regsvcs_uncommon_location_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regasm_regsvcs_uncommon_extension_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/create_stream_hash/create_stream_hash_zip_tld_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_googleupdate_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_susp_malware_callback_port/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_mkfifo_named_pipe_creation_susp_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_domain_notion_api_susp_communication/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regsvr32_http_ip_pattern/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regsvr32_network_pattern/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_susp_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/file_event/file_event_lnx_susp_shell_script_under_profile_directory/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_webdav_lnk_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_wuauclt_network_connection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_add_dnsclient_rule/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_adrecon_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_powershell_as_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_base64_frombase64string/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_base64_iex/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_base64_invoke/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_base64_mppreference/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_base64_wmi_classes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_exe_calling_ps/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_delete_powershell_command_history/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_office_powershell_dll_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_create_local_user/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_prompt_credentials/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_decompress_commands/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_defender_disable_feature/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_defender_exclusion/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_directory_enum/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_dnsexfiltration/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_downgrade_attack/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_execute_batch_script/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_get_clipboard/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_get_clipboard/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_getprocess_lsass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_getprocess_lsass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_hotfix_enum/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_icmp_exfiltration/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_exec_data_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_mail_acces/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_powershell_module_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_msxml_com/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_powershell_profile/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_psattack/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_remote_session_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_sam_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_set_acl/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_set_acl/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_powershell_drop_powershell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_susp_ps_appdata/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_resolve_list_of_ip_from_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_powershell_script_installed_as_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_powershell_script_installed_as_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_sensitive_file_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_set_acl_susp_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_set_acl_susp_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_shellcode_b64/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_store_file_in_alternate_data_stream/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_win32_pnpentity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_timestomp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_token_obfuscation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_win32_product_install_msi/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_write_eventlog/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_xml_iex/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_powerview_malicious_commandlets/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_delete_prefetch/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_prt_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_history_recon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_printbrm/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_private_keys_recon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/privatelog/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_priv_escalation_via_named_pipe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/jvm/java_rce_exploitation_attempt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_execution_path/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_sysinternals_procexp_driver_susp_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dotnetdump_memory_dump/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_sysinternals_procmon_driver_susp_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_camera_microphone_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/product/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_protected_storage_service_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wuauclt_dll_loading/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/msexchange/win_exchange_proxylogon_oabvirtualdir/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-26858/web_cve_2021_26858_iis_rce/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/proxyshell-exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2017/ta/dragonfly/proc_creation_win_apt_ta17_293a_ps/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_psasyncshell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_asr_psexec_wmi/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_sysinternals_psexec_service_key/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_psexesvc_as_system/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_psexesvc/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_sysinternals_psexec_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_sysinternals_psexec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_sysinternals_psexec_default_pipe_susp_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_pst_export_alert/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_pst_export_alert_using_new_compliancesearchaction/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_3proxy_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_python_adidnsdump/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_chisel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_cleanwipe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_pua_csexec_default_pipe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_csexec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_defendercheck/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_ditsnap/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_netcat/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_ngrok/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_nmap_zenmap/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_nsudo/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_pua_paexec_default_pipe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_rcedit_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_radmin/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_pua_remcom_default_pipe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_seatbelt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_webbrowserpassview/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_wsudo_susp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_publisher_files_in_susp_locations/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_pubprn/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-22893/web_cve_2021_22893_pulse_secure_rce_exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/python/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_python_pty_spawn/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/python/app_python_sql_exceptions/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/qakbot/proc_creation_win_malware_qakbot_rundll32_exports/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/qakbot/proc_creation_win_malware_qakbot_rundll32_fake_dll_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_query_session_exfil/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_disable_raccine/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rar_compression_with_password/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_raw_paste_service_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_rclone_config_files/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_fw_allow_rdp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_rdp_localhost_login/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_rdp_reverse_tunnel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_rdp_reverse_tunnel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_port_forwarding_3389/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_rdp_to_http/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_cloudtrail_security_group_change_rds/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_stdin_redirect/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_recon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_recon_export/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_net_recon_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_register_app/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_disable_system_restore/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_hidden_extention/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regsvr32_susp_exec_path_2/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regsvr32_susp_exec_path_1/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/clamav/lnx_clamav_relevant_message/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_remcom_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_remcom/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_remote_access_tools_rurat_non_default_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winrm_execution_via_scripting_api_winrm_vbs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_rundll32_remote_share_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_desktopimgdownldr_remote_file_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_lsass_remote_access_trough_winrm/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_remote_powershell_session/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_remote_powershell_session/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_remote_powershell_session/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_svcctl_remote_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/create_remote_thread_win_keepass/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/create_remote_thread/create_remote_thread_win_ttdinjec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_remote_utilities/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_remotefxvgpudisablement_abuse/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mshta_http/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_remove_adgroupmember/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/msexchange/win_exchange_proxyshell_remove_mailbox_export/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_chattr_immutable_removal/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_crontab_removal/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_autohotkey/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_gpg4win/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_jusched/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_mavinject/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_megasync/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_plink/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_sysinternals_psexec_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_rurat/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_sysinternals_debugview/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_whoami/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_wallpaper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_replay_attack_detected/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_rds_public_db_restore/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/kaseya-supply-chain/proc_creation_win_apt_revil_kaseya/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/rhadamanthys/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/rhadamanthys/proc_creation_win_malware_rhadamanthys_stealer_dll_launch/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_root_certificate_installed/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_import_cert_susp_locations/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/rorschach/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/rorschach/proc_creation_win_malware_rorschach_ransomware_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_susp_rtcore64_service_install/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/ruby/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ruby_inline_command_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/ruby/appframework_ruby_on_rails_exceptions/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_run_script_from_ads/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_run_script_from_input_stream/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_no_params/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_installscreensaver/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_rundll32_net_connections/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_registered_com_objects/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_parent_explorer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_spawn_explorer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_delete_safeboot/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_token_issuer_anomaly/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_schedule_task_job_cron/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_schedule_task_job_cron/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_scm_database_handle_failure/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_new_scr_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_screencapture/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_psr_capture_screenshots/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_scr_file_executed_by_rundll32/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_script_exec_from_env_folder/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/diagnosis/scripted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_enabling_turnoffcheck/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regsvr32_susp_parent/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_audit_log_cleared/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_whoami_priv_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_disable_sec_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_security_software_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_security_software_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_sensitive_file_access_shadowcopy/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-35211/proc_creation_win_exploit_cve_2021_35211_servu/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_ssti_in_access_logs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_sdset_hide_sevices/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_susp_service_installation_folder/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_susp_service_installation_folder_pattern/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_delete_services/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_registry_permissions_weakness_check/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_sdset_modification/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_service_manipulation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_set_service_disabled/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_disable_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/servicebus/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_delete_identity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_attrib_system_susp_paths/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_shadow_copies_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_shell_child_process_from_parent_tmp_folder/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_java_susp_child_process_2/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/shell_core/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_shell32_susp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_shellshock/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_malware_linked_ip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_apt_silence_eda/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-42237/web_cve_2021_42237_sitecore_report_ashx/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/small-sieve/file_event_win_malware_small_sieve_evasion_typo/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/small-sieve/proxy_malware_small_sieve_telegram_communication/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/small-sieve/registry_set_malware_small_sieve_evasion_typo/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_dce_rpc_smb_spoolss_named_pipe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_hack_smbexec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/snake/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/snake/registry_event_malware_snake_covert_store_key/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/snake/file_event_win_malware_snake_installers_ioc/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/snake/file_event_win_malware_snake_encrypted_payload_ioc/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/snake/win_system_malware_snake_persistence_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/snake/file_event_win_malware_snake_werfault_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/apt28/proc_creation_win_apt_sofacy/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/sourgum/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/ta/sourgum/proc_creation_win_apt_sourgrum/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_space_after_filename/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_split_file_into_pieces/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/spring/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/spring/spring_application_exceptions/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/sql/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mssql_sqltoolsps_susp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_sql_injection_in_access_logs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sqlite_chromium_profile_data/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sqlite_firefox_gecko_profile_data/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/sshd/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/lsa_server/win_lsa_server_normal_user_admin/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_start_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/file_event/file_event_macos_susp_startup_item_created/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_sticky_key_like_backdoor_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_stickykey_like_backdoor/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_stop_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_stop_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/stp.1k/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/stp.4u/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/account_management/win_security_susp_wmi_login/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/proxyshell-exploit/web_exchange_proxyshell_successful/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_iis_tilt_shortname_scan/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_shell_susp_commands/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_advpack_obfuscated_ordinal_call/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_agentexecutor_susp_usage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_rename/file_rename_win_ransomware/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_exploit_guard_susp_allowed_apps/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/shell_core/win_shell_core_susp_packages_installed/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_exchange_webshell_drop/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_base64_encoded/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_suspicious_browser/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_susp_browser_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_calc_uncommon_exec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_susp_mic_cam_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_aspnet_compiler_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bginfo_suspicious_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_java_manageengine_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mssql_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mssql_veaam_susp_child_processes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_networkcredential/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_desktop_txt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_colorcpl/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_curl_useragent/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_install_reg_debugger_backdoor/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_diantz_ads/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_diantz_remote_cab/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/appxpackaging_om/win_appxpackaging_om_sups_appx_signature/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/dns_query/dns_query_win_susp_external_ip_lookup/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/dns/net_dns_susp_b64_queries/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_dns_susp_zbit_flag/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_net_cli_artefact/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_odbcconf_driver_install_susp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_electron_app_children/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_base64_encoded_cmd/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_suspicious_env_variables/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_executable_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_outlook_execution_from_temp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wermgr_susp_exec_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hostname_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_instalutil_no_log_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_encode/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_shutdown_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_shutdown_logoff/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_systeminfo_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_susp_execution_macos_script_editor/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_extrac32_ads/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_extrac32/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_perflogs_susp_files/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_office_onenote_susp_dropped_files/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_new_files_in_uncommon_appdata_folder/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wget_download_direct_ip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_exchange_webshell_drop_suspicious/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_net_use_and_exec_combo/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_default_gpo_dir_write/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_frombase64string_archive/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_frombase64string_archive/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_smb_share_reco/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_susp_smb_share_reco/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_get_addbaccount/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_get_adreplaccount/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_gettypefromclsid/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_git_susp_clone/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_git_clone/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_get_gpo/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_groups_and_accounts_recon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hh_susp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_susp_histfile_operations/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hwp_exploits/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_hyper_v_condlet/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_iis_susp_module_registration/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_iis_appcmd_susp_rewrite_rule/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_susp_inbox_forwarding/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_inbox_manipulation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_installer_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_system_interactive_powershell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_run_from_mount_diskimage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_iofilestream/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_susp_java_children/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mshta_javascript/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_rc4_kerberos/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_keymgr/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_susp_keyboard_layout_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_ldap_dataexchange/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_lsass_seclogon_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_susp_macos_firmware_activity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_user_default_accounts_manipulation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_office_susp_child_processes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_office_onenote_susp_child_processes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_mount_diskimage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msbuild_susp_parent_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msdt_susp_parent/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_exchange_aspx_write/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mshta_susp_child_processes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mshta_susp_pattern/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msiexec_embedding/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/syslog/lnx_syslog_susp_named/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_susp_binary_no_cmdline/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_service_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_new_psdrive/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_nohup_susp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_ntlmrelay/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_management/microsoft365_susp_oauth_app_file_download_activities/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_base64_encoded_obfusc/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/sshd/lnx_sshd_susp_ssh/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_susp_outbound_smtp_connections/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_double_extension_parent/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vmware_toolbox_cmd_persistence_susp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_plink_port_forwarding/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powercfg_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_susp_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_susp_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_download/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_susp_download_patterns/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_base64_encoded_cmd_patterns/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_get_current_user/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_iex_patterns/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_script_engine_parent/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_invocation_generic/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_susp_invocation_generic/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_invocation_specific/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_susp_parameter_variation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_susp_parent_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_windowstyle/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/exploits/cve-2020-1048/proc_creation_win_exploit_cve_2020_1048/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_susp_process_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_get_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_parents/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_run_locations/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winrm_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_procexplorer_driver_created_in_tmp_folder/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_fw_allow_program_in_susp_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_provlaunch_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_psexec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_smb_converted_win_susp_psexec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_machineguid/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rasdial_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_tscon_rdp_redirect/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_gather_network_info_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_redirect_local_admin_share/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_bitlocker/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_regsvr32_remote_share/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_comsvcs_load_renamed_version_by_rundll32/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_shell_susp_rev_shells/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_privilege_escalation_cli_patterns/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_sys/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_susp_execution_with_image_extension/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_network_scan_loop/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_scheduled_task_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_scheduled_task_update/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_script_exec_from_temp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_servu_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_service_dir/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_service_dacl_modification_set_service/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_susp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_susp_service_installed/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_java_keytool_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_splwow64_cli_anomaly/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/sql/app_sqlinjection_errors/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_ssl_keyword/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_start_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_svchost_susp_access_request/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_java_sysaidserver_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_sysvol_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_proxy_scripts/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_teams_suspicious_objectaccess/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ultravnc_susp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_unblock_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_dbghelp_dbgcore_unsigned_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ntdsutil_susp_usage/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_susp_dev_tcp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_susp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_susp_useragents/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/vsftpd/lnx_vsftpd_susp_error_messages/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_webdav_client_susp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_where_browser_data_recon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_local_anon_logon_created/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_defender_exclusion/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/webserver_generic/web_susp_windows_path_uri/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_logman_disable_eventlog/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wuauclt_no_cli_flags_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_windows_terminal_susp_children/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_susp_execution_via_office_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmiprvse_susp_child_processes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-40444/file_event_win_exploit_cve_2021_40444/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_x509enrollment/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_x509enrollment/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_xor_commandline/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_zipexec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/lnx_symlink_etc_passwd/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_syncappvpublishingserver_exe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_syncappvpublishingserver_exe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_pssuspend_susp_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_syskey_registry_access/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/syslog/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/application_popup/win_system_application_sysmon_crash/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/sysmon/sysmon_file_block_executable/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/sysmon/sysmon_file_block_shredding/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/sysmon/sysmon_config_modification_error/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/sysmon/sysmon_config_modification_status/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_findstr_sysmon_discovery_via_default_altitude/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_fltmc_unload_driver_sysmon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/sysmon/sysmon_file_executable_detected/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysprep_appdata/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_system_info_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/auditd/lnx_auditd_system_info_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_system_network_connections_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_system_network_connections_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_use_network_connections_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_system_network_discovery/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_system_shutdown_reboot/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/systemnightmare-exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_wmiprvse_wbemcomn_dll_hijack/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_remove_mppreference/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_tamper_windows_defender_rem_mp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_sophos_av_tamper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_tap_driver/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_tap_driver_installation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_tapinstall_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_taskkill_sep/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_taskmgr_localsystem/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_delete_teamviewer_logs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/dns/net_dns_susp_telegram_api/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_svchost_termserv_proc_spawn/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/terminalservices/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_test_netconnection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/firewall_as/win_firewall_as_failed_load_gpo/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/m365/threat_detection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_tttracer_mod_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_dll_tttracer_module_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_delete/file_delete_win_delete_tomcat_logs/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_touch_susp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_smb_converted_win_transferring_files_with_credential_data/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/trickbot/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/malware/trickbot/proc_creation_win_malware_trickbot_wermgr/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/file_event/file_event_lnx_triple_cross_rootkit_lock_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_triple_cross_rootkit_execve_hijack/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_triple_cross_rootkit_install/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/tropictrooper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/tropictrooper/proc_creation_win_apt_tropictrooper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_follina_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2014/ta/turla/proc_creation_win_apt_turla_commands_critical/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_uac_bypass_winsat/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_uac_bypass_winsat/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_uac_bypass_dotnet_profiler/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_uac_bypass_consent_comctl32/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_eventvwr_recentviews/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_uac_bypass_eventvwr/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_uac_bypass_idiagnostic_profile/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_uac_bypass_ieinstal/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_uac_bypass_iscsicpl/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_uac_bypass_msconfig_gui/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_uac_bypass_ntfs_reparse_point/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_uac_bypass_wmp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_uac_bypass_wmp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_access/proc_access_win_uac_bypass_wow64_logger/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_uac_bypass_eventvwr/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_icmluautil/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_uac_bypass_sdclt/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_uac_disable/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_wpbbin_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wpbbin_potential_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_disable_ufw/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/solarwinds-supply-chain/proc_creation_win_apt_unc2452_ps/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/unc4841-barracuda-esg-zero-day-exploitation/proc_creation_lnx_apt_unc4841_wget_download_compressed_file_tmep_sh/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/unc4841-barracuda-esg-zero-day-exploitation/proc_creation_lnx_apt_unc4841_wget_download_tar_files_direct_ip/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/unc4841-barracuda-esg-zero-day-exploitation/file_event_lnx_apt_unc4841_exfil_mail_pattern/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/unc4841-barracuda-esg-zero-day-exploitation/proc_creation_lnx_atp_unc4841_seaspy_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/unc4841-barracuda-esg-zero-day-exploitation/proc_creation_lnx_apt_unc4841_openssl_connection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_atbroker_uncommon_ats_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_addinutil_uncommon_cmdline/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_addinutil_uncommon_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_appvlp_uncommon_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bginfo_uncommon_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_defaultpack_uncommon_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_setres_uncommon_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_odbcconf_uncommon_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sndvol_susp_child_processes/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sdbinst_susp_extension/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_format_uncommon_filesystem_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_link_uncommon_parent_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/network_connection/net_connection_win_certutil_initiated_connection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_one_time_only_midnight_task/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_install_uncommon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_svchost_uncommon_parent_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/cloud/azure/identity_protection/azure_identity_protection_unfamilar_sign_in/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uninstall_crowdstrike_falcon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_share_unmount/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_lsass_unsigned_image_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/create_stream_hash/create_stream_hash_susp_ip_domains/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_renamed_sysinternals_eula_accepted/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/driverframeworks/win_usb_device_plugged/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_susp_get_nettcpconnection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_susp_get_nettcpconnection/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_icacls_deny/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_ntfs_short_name_use_cli/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_ntfs_short_name_use_image/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_fsi_fsharp_code_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_openconsole/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_pcalua/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_remote/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_scriptrunner/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_sftp/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_ttdinject/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_visualuiaverifynative/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_vsiisexelauncher/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_w32tm/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_wfc/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_usermod_susp_group/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_user_discovery_get_aduser/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_user_discovery_get_aduser/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_userdel/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_user_logoff/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_utilityfunctions/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_office_vbadll_load/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sqlcmd_veeam_db_recon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_veeam_credential_dumping_script/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sqlcmd_veeam_dump/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/application/velocity/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_vhd_download_via_browsers/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lolbin_visual_basic_compiler/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pressanykey_lolbin_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_pressanykey/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vmware_vmtoolsd_susp_child_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2021/exploits/cve-2021-22005/web_cve_2021_22005_vmware_file_upload/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_ntfs/win_system_volume_shadow_copy_mount/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_mklink_shadow_copies_access_symlink/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_vscode_powershell_profile/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/builtin/vsftpd/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_vssaudit_secevent_source_registration/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wab_execution_from_non_default_location/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wab_unusual_parents/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/dns/net_dns_wannacry_killswitch_domain/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_alert_enable_weak_encryption/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_weak_or_abused_passwords/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rundll32_webdav_client_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/network/zeek/zeek_http_webdav_put_request/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_webshell_tool_recon/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_lsass_werfault_dump/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/linux/file_event/file_event_lnx_wget_download_file_in_tmp_dir/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_whoami_as_param/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_restored_quarantine_file/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_use_mount_admin_share/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wbadmin_delete_backups/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_hack_wce_reg/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vaultcmd_list_creds/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_malware_detected_amsi_source/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_suspicious_features_tampering/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_windows_defender_exclusions_registry_modified/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_config_change_exclusion_added/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_win_defender_exclusions_added/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_defender_exclusions/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_config_change_exploit_guard_tamper/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/firewall_as/win_firewall_as_reset_config/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_antimalware_platform_expired/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_malware_and_pua_scan_disabled/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_history_delete/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_real_time_protection_errors/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_config_change_sample_submission_consent/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_threat/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_defender_disabled/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/windefend/win_defender_virus_scan_disabled/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_disable_event_auditing/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_powershell_disable_firewall/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_windows_firewall_profile_disabled/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/firewall_as/win_firewall_as_setting_change/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_hotfix/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_use_mount_internet_share/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_kd_execution/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_powershell/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_event/registry_event_office_trust_record_modification/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_capture_screenshots/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/service_control_manager/win_system_service_terminated_error_generic/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_use_mount_share/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_shell_write_susp_directory/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/microsoft_windows_windows_update_client/win_system_susp_system_update_error/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_downloadcradle_webdav/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/application/windows_error_reporting/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_winget_admin_settings_tampering/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_winlogon_allow_multiple_tssessions/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_winrar_exfil_dmp_files/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_winsxs_binary_creation/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/wmi/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_scrcons_wmi_scripteventconsumer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/pipe_created/pipe_created_scrcons_wmi_consumer_namedpipe/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/wmi/win_wmi_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmi_persistence_script_event_consumer/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_wmi_persistence/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_wmi_unquoted_service_search/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_wmimplant/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmiprvse_spawning_process/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_wmiprvse_wbemcomn_dll_hijack/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_wmiprvse_wbemcomn_dll_hijack/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_write_protect_for_storage_disabled/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_mshta_inline_vbscript/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wsl_child_processes_anomalies/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_presentationhost_uncommon_location_exec/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/builtin/system/netlogon/win_system_possible_zerologon_exploitation_using_wellknown_tools/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/emerging-threats/2022/exploits/cve-2022-27925/web_cve_2022_27925_exploit/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_susp_zip_compress/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_classic/posh_pc_susp_zip_compress/ 2024-08-12T10:02:50+00:00 https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_susp_zip_compress/ 2024-08-12T10:02:50+00:00 https://detection.fyi/tags/%CD%A1-%CD%9C%CA%96-%CD%A1/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/windows_exploitation/proc_creation_windows_wsus_abuse/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/threat-hunting-queries/proc_creation_windows_action1_rmm/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.commandandcontrol/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.compiled.html.file/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.credential_access/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.credentialaccess/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.defense_evasion/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.defense-evansion/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.defense.evasion/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.exploitation-for-privilege-escalation/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.hidden.users/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.initial_access/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.lateral_movement/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.privilege_escalation/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/attack.t1623/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/malware/proc_creation_windows_chromeloader/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/proc_creation_windows_cmstp_fake_profiles/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_schtasks_win-def-removal/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/threat-hunting-queries/proc_creation_windows_ammyy_admin/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/threat-hunting-queries/proc_creation_windows_anyviewer/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/proc_creation_windows_errorhandler_persistence/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/registry_set_devdrv_bypass_registry/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_pythonfunctionwarnings_disabled/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/proc_creation_windows_dumpbin_lolbin/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/malware/proc_creation_windows_emotet_04_22/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/proc_creation_windows_devdrv_bypass_fsutil/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_reg_enabling_rdp/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_disablerestrictedadmin/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/proc_creation_windows_setup_pythonw/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/windows_exploitation/proc_creation_windows_soaphound/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/windows_exploitation/proc_creation_windows_zero_exe/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/vulnerability_exploitation/proc_creation_windows_7z_cve-2022-29072/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/vulnerability_exploitation/proc_creation_windows_vmware_horizon_log4j/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/malware/proc_creation_windows_explorer_nouaccheck/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/proc_creation_windows_appcmd/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/malware/proc_creation_windows_socgholish_fakeupdates/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_hh_lolba/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_registry_hide_user/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/malware/proc_creation_windows_guloader_08_07/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/windows_exploitation/win_security_kerberoasting_activity/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/windows_exploitation/win_security_krbrelayup/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/windows_exploitation/win_security_laps_creddumping/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/malware/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/threat-hunting-queries/proc_creation_windows_moveit_exploitation/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/windows_exploitation/proc_creation_windows_sdiagnhost-ms-msdt_exploitation/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/windows_exploitation/proc_creation_windows_ms-msdt_exploitation/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/proc_creation_windows_msteams_side-loading/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/malware/proc_creation_windows_onenote_execution/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_amsi_bypass/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/malware/proc_creation_windows_raspberry_robin_usb-exec/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/malware/proc_creation_windows_raspberry_robin_mal-exec/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/windows_exploitation/win_security_dc_impersonation/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_schtask_enc-psh/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tags/t1059.001/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/malware/proc_creation_windows_ursnif_cmd_redirection/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_allttheemojis/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_win-lazagne/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/misc/proc_creation_windows_powershell_downloader_cradle/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/proc_creation_windows_vsdiagnostics_lolbin/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/vulnerability_exploitation/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/lol_bins/proc_creation_windows_wermgr_injection/ 2024-08-10T22:50:55+00:00 https://detection.fyi/tsale/sigma_rules/windows_exploitation/ 2024-08-10T22:50:55+00:00 https://detection.fyi/elastic/detection-rules/windows/execution_ms_office_written_file/ 2024-08-09T15:26:58+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_zoom_strict/ 2024-08-04T18:34:15+00:00 https://detection.fyi/sublime-security/sublime-rules/google_drive_abuse_credential_phishing/ 2024-07-31T19:17:46+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/impact_potential_linux_ransomware_file_encryption/ 2024-07-19T13:13:42+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_fake_shipping_notification/ 2024-07-10T19:17:53+00:00 https://detection.fyi/elastic/detection-rules/ml/persistence_ml_linux_anomalous_process_all_hosts/ 2024-06-19T14:04:41+00:00 https://detection.fyi/elastic/detection-rules/ml/initial_access_ml_auth_rare_user_logon/ 2024-06-19T14:04:41+00:00 https://detection.fyi/elastic/detection-rules/ml/credential_access_ml_auth_spike_in_failed_logon_events/ 2024-06-19T14:04:41+00:00 https://detection.fyi/elastic/detection-rules/ml/credential_access_ml_auth_spike_in_logon_events_from_a_source_ip/ 2024-06-19T14:04:41+00:00 https://detection.fyi/elastic/detection-rules/ml/initial_access_ml_auth_rare_hour_for_a_user_to_logon/ 2024-06-19T14:04:41+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_outlook/ 2024-05-29T20:47:17+00:00 https://detection.fyi/elastic/detection-rules/network/lateral_movement_dns_server_overflow/ 2024-05-22T19:15:10+00:00 https://detection.fyi/elastic/detection-rules/windows/credential_access_remote_sam_secretsdump/ 2024-05-22T19:15:10+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_klaviyo/ 2024-05-14T15:57:21+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_google_ad_services/ 2024-05-10T19:33:51+00:00 https://detection.fyi/sublime-security/sublime-rules/link_credential_phishing_language_ipfs/ 2024-05-03T15:14:11+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_shipping_notification/ 2024-05-03T15:14:11+00:00 https://detection.fyi/sublime-security/sublime-rules/link_pikabot_malware/ 2024-04-25T18:08:57+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_youtube/ 2024-04-24T17:04:04+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_vanta/ 2024-04-23T22:06:57+00:00 https://detection.fyi/sublime-security/sublime-rules/spoof_dropbox/ 2024-04-23T22:06:57+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_vip_invoicing_request/ 2024-04-23T22:06:57+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_javascript_with_b64_executable/ 2024-04-01T17:16:36+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/lateral_movement_remote_file_creation_in_sensitive_directory/ 2024-04-01T15:01:20+00:00 https://detection.fyi/sublime-security/sublime-rules/suspicious_sharepoint_file_share_undisclosed_recipients/ 2024-03-27T20:41:31+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_smashjacker_appinit_dll_installation/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_rundll32_dllregister_server_function/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_impacket_atexec_execution/ 2024-03-26T03:29:20+00:00 https://detection.fyi/tags/attack.s0357/ 2024-03-26T03:29:20+00:00 https://detection.fyi/tags/attack.s0650/ 2024-03-26T03:29:20+00:00 https://detection.fyi/tags/attack.t1546.016/ 2024-03-26T03:29:20+00:00 https://detection.fyi/tags/attack.t1574.013/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_obfuscation_base64_encoding/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_ingress_tools_transfer_bitsadmin_download/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_command_shell_bypass_security_controls/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_ingress_tools_transfer_certreq_download/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_ingress_tools_transfer_certutil_download/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_chromeloader_nwjs_runtime_installation_paths/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_email_forwarding_rule_suspicious_folders/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_email_forwarding_rule_suspicious_criteria/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_email_forwarding_rule_suspicious_names/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_socgholish_nltest_domain_trust_enum/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_gamarue_rundll32_cmdline/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_applescript_applet_download_as_payload/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_mimikatz_kirbi_file/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_applescript_input_prompt/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_mimikatz_module_names/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_raspberry_robin_cmdline_netconn_no_params/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_kernel_modules_nondepmod_modifying_modules_dep/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_installer_packages_non_ms_publisher_id/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_command_shell_obfuscated_commands/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_powershell_obfuscation_escape_chars/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_wmi_office_product_parent/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_installer_packages_psf_powershell_execution/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_powershell_encoded_command/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_powershell_base64_encoding/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_yellow_cockatoo_ps_startup_folder_persistence/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_yellow_cockatoo_ps_susp_dotnet_methods/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_rename_system_utils_unusual_cmdline/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_qbot_mounted_drive_script_execution/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_rundll32_injection_to_lsass/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_rundll32_suspicious_lineage/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_rundll32_no_cmdline/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_os_cred_dumping_secretsdump_file_modification/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_impacket_secretsdump_execution/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_command_shell_from_service_ctrl_mgr/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_kernel_modules_shells_modifying_files_in_lkm_directories/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_impacket_smbexec_execution/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_wmi_suspicious_commands/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_rundll32_suspicious_export_functionalities/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_powershell_susp_cmdlets/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_wmi_suspicious_powershell_cmdlets/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_wmi_suspicious_process_lineage/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_kernel_modules_systemd_loading_lkm_insmod/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_kernel_modules_systemd_loading_lkm_modprobe/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_rename_system_utils_powershell_notepad/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_wmi_unusual_module_loads/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_command_shell_suspicious_ancestry/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_smashjacker_web_browser_loading_extension/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_socgholish_whoami_recon_file_output/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_command_shell_from_explorer/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_raspberry_robin_msiexec_download/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_command_shell_from_schtask/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_wmi_reconnaissance/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_wmi_shadowcopy_deletion/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_impacket_wmiexec_execution/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/threat_socgholish_wscript_from_browser_with_netconn/ 2024-03-26T03:29:20+00:00 https://detection.fyi/mbabinski/sigma-rules/2024_redcanary_threatdetectionreport/technique_obfuscation_zipfile_spawning_javascript/ 2024-03-26T03:29:20+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_embedded_b64_pe/ 2024-03-25T21:48:52+00:00 https://detection.fyi/joesecurity/sigma-rules/disablepoweroptions/ 2024-03-11T07:57:57+00:00 https://detection.fyi/joesecurity/sigma-rules/stopeventlog/ 2024-03-11T07:57:57+00:00 https://detection.fyi/joesecurity/sigma-rules/uninstallmrt/ 2024-03-11T07:57:57+00:00 https://detection.fyi/sublime-security/sublime-rules/invoicera_infra_abuse/ 2024-03-07T20:32:05+00:00 https://detection.fyi/sublime-security/sublime-rules/body_microsoft_logo_open_redirect/ 2024-03-07T20:06:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_linux_port_knocking_reverse_connection/ 2024-03-07T16:19:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_archive_with_exe/ 2024-02-27T00:52:24+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_rtf_embedded_content/ 2024-02-26T17:18:22+00:00 https://detection.fyi/tags/cve-2024-21413/ 2024-02-15T03:42:53+00:00 https://detection.fyi/sublime-security/sublime-rules/link_cve_2024-21413/ 2024-02-15T03:42:53+00:00 https://detection.fyi/joesecurity/sigma-rules/dotnetcompilercompilesfilefromsuspiciouslocation/ 2024-02-05T11:19:12+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_rfp_government_impersonation/ 2024-01-30T16:53:14+00:00 https://detection.fyi/sublime-security/sublime-rules/spam_blackbaud_infrastructure_abuse/ 2024-01-17T21:20:18+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_macro_dll_loader/ 2023-12-28T22:15:03+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_snapchat/ 2023-12-20T20:08:55+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/lateral_movement_malicious_remote_file_creation/ 2023-12-20T13:49:45+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_potential_processherpaderping/ 2023-12-19T20:59:48+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_shell_suspicious_parent_child_revshell_linux/ 2023-12-18T08:36:21+00:00 https://detection.fyi/joesecurity/sigma-rules/accesspayloadvianslookuptxtrecord/ 2023-12-14T11:53:23+00:00 https://detection.fyi/sublime-security/sublime-rules/disposable_sender_unsolicited/ 2023-12-07T17:44:00+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_fake_slack_installer/ 2023-11-29T22:13:22+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_fake_zoom_installer/ 2023-11-29T22:13:22+00:00 https://detection.fyi/joesecurity/sigma-rules/darkgate/ 2023-10-26T06:29:30+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_linux_iodine_activity/ 2023-10-23T14:28:58+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_ld_preload_env_variable_process_injection/ 2023-10-23T14:28:58+00:00 https://detection.fyi/sigmahq/sigma/unsupported/zeek/zeek_dce_rpc_domain_user_enumeration/ 2023-10-18T09:53:44+00:00 https://detection.fyi/sigmahq/sigma/unsupported/ 2023-10-18T09:53:44+00:00 https://detection.fyi/sigmahq/sigma/unsupported/zeek/ 2023-10-18T09:53:44+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_darkgate/ 2023-10-14T19:27:41+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_darkgate/file_event_win_malware_darkgate_autoit3/ 2023-10-14T19:27:41+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_darkgate/proc_creation_win_malware_darkgate_autoit3_from_appdata/ 2023-10-14T19:27:41+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_usapdc/ 2023-09-08T02:47:09+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_blackcat_ransomware/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_qakbot/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_vicesociety_ransomware/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/dcomexec/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_qakbot/win_qakbot_dropped_file_creation_4663/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/notepad_network_connection/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/dcomexec/zeek_dce_impacket_remote_create_instance_dcomexec/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/secretsdump/zeek_dce_impacket_rpc_secretsdump/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/secretsdump/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/shrpubw_execution_from_unexpected_path/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_vicesociety_ransomware/win_susp_net_user_creation_vsociety/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_blackcat_ransomware/win_susp_process_blackcat_exfiltration/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_qakbot/win_qakbot_susp_calc_process_trellix/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_qakbot/win_qakbot_susp_cmdline_from_injected_process/ 2023-09-01T03:21:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_qakbot/win_qakbot_susp_process_injection_to_explorer/ 2023-09-01T03:21:14+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelldownloadandloadassembly/ 2023-08-23T03:58:40+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_ukr_net/ 2023-08-21T19:45:19+00:00 https://detection.fyi/sublime-security/sublime-rules/punycode_sender_domain/ 2023-08-21T19:45:19+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_archive_with_chm/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_excel_web_query_file_iqy/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_embedded_base64_file_download/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_embedded_b64_iso/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_fromcharcode_and_others/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_hex_strings/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_entropy/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_html_smuggling_raw_buffer/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/attachment_lnk_file/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/impersonation_apple/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_hhs/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/open_redirect_msn/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_php_mailer_with_common_phishing_attachments/ 2023-08-21T16:04:55+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_invalid_ios_build/ 2023-08-09T03:04:12+00:00 https://detection.fyi/sublime-security/sublime-rules/headers_zimbra_mailer_unsupported_os_versions/ 2023-08-09T03:04:12+00:00 https://detection.fyi/sublime-security/sublime-rules/link_sharepoint_online_multiple_recipients_from_outside_org/ 2023-08-09T03:04:12+00:00 https://detection.fyi/joesecurity/sigma-rules/xmrig/ 2023-08-08T08:56:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_webdav_searchms/ 2023-08-05T02:44:01+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_webdav_searchms/proc_creation_win_webdav_lnk_execution/ 2023-08-05T02:44:01+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_webdav_searchms/proxy_webdav_search_ms/ 2023-08-05T00:30:01+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_webdav_searchms/file_event_win_webdav_tmpfile_creation/ 2023-08-05T00:30:01+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_connection_attempt_by_non_ssh_root_session/ 2023-08-03T13:25:33+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelldownloadandexecutefile/ 2023-07-21T06:22:09+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/threat_intel_filebeat8x/ 2023-07-18T23:12:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/threat_intel_fleet_integrations/ 2023-07-18T23:12:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/credential_access_potential_linux_ssh_bruteforce_root/ 2023-07-10T14:32:42+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_reverse_shell_via_named_pipe/ 2023-07-06T13:27:57+00:00 https://detection.fyi/joesecurity/sigma-rules/registerjarinrunkey/ 2023-06-21T07:56:22+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/ 2023-06-02T14:36:44+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_qbot_rundll32_non_standard_file_proxy_execution/ 2023-06-02T14:36:44+00:00 https://detection.fyi/joesecurity/sigma-rules/setcustomuseragentanddownloadfileviapowershell/ 2023-05-30T09:52:12+00:00 https://detection.fyi/tags/attack.s0367/ 2023-05-17T14:20:32+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_ingress_tool_transfer_bitsadmin_download/ 2023-05-17T14:20:32+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_ingress_tool_transfer_certutil_download/ 2023-05-17T14:20:32+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_emotet_excel_regsvr32_execution/ 2023-05-17T14:20:32+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_gootloader_appdata_js_execution/ 2023-05-17T14:20:32+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_impacket_smbexec_execution/ 2023-05-17T14:20:32+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_impacket_wmiexec_execution/ 2023-05-17T14:20:32+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_lsass_memory_susp_lineage/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_lsass_memory_lsass_access/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_adsearch_reg_runkey_persistence_execution/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_adsearch_startup_folder_persistence/ 2023-05-10T21:11:50+00:00 https://detection.fyi/tags/attack.s0521/ 2023-05-10T21:11:50+00:00 https://detection.fyi/tags/attack.t1036.008/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_cobalt_strike_beacon_getsystem_cmd_pattern/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_cobalt_strike_beacon_implant/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_cobalt_strike_uac_bypass_w_cliconfg/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_cmd_bypassing_controls/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_cmd_obfuscated_commands/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_cmd_susp_process_ancestry/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_bloodhound_common_cmd_actions/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_smb_win_admin_shares_impacket_svc_via_registry/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_cmd_explorer_start_exit_cmd/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_smb_win_admin_shares_file_write/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_setuid_setgid_binary_search/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_impacket_atexec_execution/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_motw_bypass_iso_write_susp_folder/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_lsass_memory_lsass_non_sytem/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_mimikatz_kirbi_file_creation/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_mimikatz_module_names_in_cmdline/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_wmi_office_products_spawning_wmic/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_plugx_wsc_proxy_dll_search_order_hijacking/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_raspberry_robin_msiexec_execution/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_gamarue_rundll32_dll_filename/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_socgholish_homoglyph_cyrillic_lookalikes/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_pwsh_base64_encoding/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_pwsh_encoded_command_switch/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_process_injection_powershell_injection/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_pwsh_obfuscated_commands/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_process_injection_process_sans_cmdline/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_smb_win_admin_shares_process_execution/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_rename_sys_utils_unusual_cmdlines/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_qbot_mounted_drive_execution/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_rundll32_app_bypass_dllregisterserver/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_lsass_memory_rundll32_minidump/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_rundll32_inject_to_lsass/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_rundll32_susp_lineage/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_rundll32_no_cmdline/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_cmd_svc_shell_command/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_socgholish_nltest_domain_trust_enumeration/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_socgholish_whoami_output_to_file/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_process_injection_susp_net_conn/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_pwsh_susp_cmdlets/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_rename_sys_utils_unexpected_internal_name/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_cmd_schtasks_create_shell/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_gootloader_cscript_msdos_shortnames/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_wmi_reconnaissance/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_wmi_shadow_copy_deletion/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_wmi_susp_commands/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_wmi_susp_pwsh_cmdlets/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_wmi_susp_lineage/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/technique_wmi_unusual_module_loads/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_yellow_cockatoo_startup_lnk_file/ 2023-05-10T21:11:50+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_redcanary_threatdetectionreport/threat_yellow_cockatoo_susp_dotnet_methods/ 2023-05-10T21:11:50+00:00 https://detection.fyi/tags/elastic/ 2023-05-05T07:47:49+00:00 https://detection.fyi/tags/elastic-endgame/ 2023-05-05T07:47:49+00:00 https://detection.fyi/tags/host/ 2023-05-05T07:47:49+00:00 https://detection.fyi/tags/investigation-guide/ 2023-05-05T07:47:49+00:00 https://detection.fyi/tags/linux/ 2023-05-05T07:47:49+00:00 https://detection.fyi/tags/persistence/ 2023-05-05T07:47:49+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_shell_activity_by_web_server/ 2023-05-05T07:47:49+00:00 https://detection.fyi/tags/threat-detection/ 2023-05-05T07:47:49+00:00 https://detection.fyi/sigmahq/sigma/unsupported/cloud/aws_enum_listing/ 2023-04-21T15:25:21+00:00 https://detection.fyi/tags/attack.resource_development/ 2023-04-21T15:25:21+00:00 https://detection.fyi/tags/attack.t1035/ 2023-04-21T15:25:21+00:00 https://detection.fyi/tags/attack.t1043/ 2023-04-21T15:25:21+00:00 https://detection.fyi/tags/attack.t1050/ 2023-04-21T15:25:21+00:00 https://detection.fyi/tags/attack.t1110.003/ 2023-04-21T15:25:21+00:00 https://detection.fyi/tags/attack.t1574.010/ 2023-04-21T15:25:21+00:00 https://detection.fyi/tags/attack.t1583.006/ 2023-04-21T15:25:21+00:00 https://detection.fyi/tags/attack.t1592/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/cloud/aws_ec2_download_userdata/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/cloud/aws_macic_evasion/ 2023-04-21T15:25:21+00:00 https://detection.fyi/tags/car.2013-04-002/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/cloud/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/linux/lnx_auditd_cve_2021_3156_sudo_buffer_overflow/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/linux/lnx_auditd_cve_2021_3156_sudo_buffer_overflow_brutforce/ 2023-04-21T15:25:21+00:00 https://detection.fyi/tags/cve.2021.3156/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/sysmon_process_reimaging/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_possible_privilege_escalation_using_rotten_potato/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_susp_failed_logons_single_source_kerberos2/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/proc_creation_win_correlation_dnscat2_powershell_implementation/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_global_catalog_enumeration/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/posh_ps_cl_invocation_lolscript_count/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/posh_ps_cl_mutexverifiers_lolscript_count/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/linux/lnx_auth_susp_failed_logons_single_source/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_susp_failed_logons_single_source/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_susp_failed_hidden_share_mount/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_susp_failed_logons_single_source2/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/file_event_executable_and_script_creation_by_office_using_file_ext/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/sysmon_non_priv_program_files_move/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/net_dns_high_bytes_out/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/net_firewall_high_dns_bytes_out/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/net_dns_high_requests_rate/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/net_firewall_high_dns_requests_rate/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/net_dns_high_null_records_requests_rate/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/net_dns_high_txt_records_requests_rate/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_susp_failed_logons_single_source_ntlm2/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_susp_failed_logons_single_source_kerberos3/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_invoke_obfuscation_clip+_services/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_invoke_obfuscation_via_compress_services/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_invoke_obfuscation_obfuscated_iex_services/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_invoke_obfuscation_via_rundll_services/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_invoke_obfuscation_stdin+_services/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_invoke_obfuscation_var+_services/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_invoke_obfuscation_via_var++_services/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_invoke_obfuscation_via_stdin_services/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_invoke_obfuscation_via_use_clip_services/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_invoke_obfuscation_via_use_mshta_services/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_invoke_obfuscation_via_use_rundll32_services/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/net_dns_large_domain_name/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/linux/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_mal_service_installs/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_metasploit_or_impacket_smb_psexec_service_install/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_meterpreter_or_cobaltstrike_getsystem_service_installation/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/sysmon_always_install_elevated_msi_spawned_cmd_and_powershell_spawned_processes/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/other/modsec_mulitple_blocks/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/web/web_multiple_susp_resp_codes_single_source/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_susp_failed_logons_single_process/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_susp_failed_remote_logons_single_source/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/net_firewall_susp_network_scan_by_ip/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/net_firewall_susp_network_scan_by_port/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/linux/lnx_auditd_omigod_scx_runasprovider_executescript/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/other/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_susp_failed_logons_explicit_credentials/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/net_possible_dns_rebinding/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/dns_query_win_possible_dns_rebinding/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/network/net_dns_c2_detection/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/cloud/aws_ses_messaging_enabled/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/cloud/aws_enum_backup/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/zeek/zeek_http_exfiltration_compressed_files/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/cloud/aws_enum_network/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/cloud/aws_enum_storage/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/linux/lnx_shell_priv_esc_prep/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/proc_creation_win_correlation_multiple_susp_cli/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/proc_creation_win_correlation_susp_builtin_commands_recon/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_remote_service/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/cloud/azure_aad_secops_signin_failure_bad_password_threshold/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_access_fake_files_with_stored_credentials/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_susp_multiple_files_renamed_or_deleted/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_suspicious_werfault_connection_outbound/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/driver_load_tap_driver_installation/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_susp_failed_logons_single_source_kerberos/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_security_susp_failed_logons_single_source_ntlm/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/web/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/ 2023-04-21T15:25:21+00:00 https://detection.fyi/sigmahq/sigma/unsupported/windows/win_kernel_and_3rd_party_drivers_exploits_token_stealing/ 2023-04-21T15:25:21+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/atexec/ 2023-04-16T18:23:51+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/getuserspns/ 2023-04-16T18:23:51+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/atexec/win_proc_creation_impacket_atexec/ 2023-04-16T18:23:51+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/getuserspns/zeek_impacket_kerberos_rc4/ 2023-04-16T18:23:51+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/psexec/ 2023-04-16T18:23:51+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/smbclient/ 2023-04-16T18:23:51+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/smbclient/file_event_win_impacket_exe/ 2023-04-16T18:23:51+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/psexec/win_pipe_created_remcom_impacket_psexec/ 2023-04-16T18:23:51+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/psexec/win_file_creation_impacket_psexec/ 2023-04-16T18:23:51+00:00 https://detection.fyi/joesecurity/sigma-rules/setautostartkeyvianewitempropertycmdlet/ 2023-03-21T07:40:19+00:00 https://detection.fyi/tags/cloud/ 2023-03-02T16:29:14+00:00 https://detection.fyi/tags/continuous-monitoring/ 2023-03-02T16:29:14+00:00 https://detection.fyi/tags/google-workspace/ 2023-03-02T16:29:14+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_google_workspace_user_group_access_modified_to_allow_external_access/ 2023-03-02T16:29:14+00:00 https://detection.fyi/tags/identity-and-access/ 2023-03-02T16:29:14+00:00 https://detection.fyi/tags/secops/ 2023-03-02T16:29:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_onenote_malware/ 2023-01-30T23:04:53+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_onenote_malware/dns_query_double_extension/ 2023-01-30T23:04:53+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_onenote_malware/create_stream_hash_double_extension/ 2023-01-30T23:04:53+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_onenote_malware/file_event_double_extension/ 2023-01-30T23:04:53+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/atexec/win_registry_events_impacket_atexec/ 2023-01-30T23:04:53+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/atexec/win_file_creation_impacket_atexec/ 2023-01-30T23:04:53+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_onenote_malware/net_connection_win_double_extension/ 2023-01-30T23:04:53+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_impacket/atexec/win_schtasks_impacket_atexec/ 2023-01-30T23:04:53+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_onenote_malware/win_proc_creation_double_extension/ 2023-01-30T23:04:53+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_onenote_malware/win_proc_right_to_left_override/ 2023-01-30T23:04:53+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_onenote_malware/win_proc_creation_regasm_process_injection/ 2023-01-30T23:04:53+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_external_remotesvc_logons/ 2023-01-23T15:45:46+00:00 https://detection.fyi/mbabinski/sigma-rules/2023_external_remotesvc_logons/win_security_successful_external_remote_svc_login/ 2023-01-23T15:45:46+00:00 https://detection.fyi/joesecurity/sigma-rules/onenotedropssuspiciousfile/ 2023-01-13T14:13:22+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_blackcat_ransomware/win_susp_reg_added_maxmpxct_sysmon/ 2023-01-12T17:31:03+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_blackcat_ransomware/win_susp_reg_set_maxmpxct_sysmon/ 2023-01-12T17:31:03+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_vicesociety_ransomware/pwsh_ms_defender_tampering_vsociety/ 2023-01-12T16:55:33+00:00 https://detection.fyi/tags/defense-evasion/ 2023-01-09T15:44:54+00:00 https://detection.fyi/tags/discovery/ 2023-01-09T15:44:54+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/discovery_file_dir_discovery/ 2023-01-09T15:44:54+00:00 https://detection.fyi/tags/monitoring/ 2023-01-09T15:44:54+00:00 https://detection.fyi/tags/network/ 2023-01-09T15:44:54+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_code_injection_conhost/ 2023-01-09T15:44:54+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/threat_intel_filebeat7x/ 2023-01-09T15:44:54+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_whitespace_padding_in_command_line/ 2023-01-09T15:44:54+00:00 https://detection.fyi/tags/windows/ 2023-01-09T15:44:54+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_htmlsmuggling/ 2022-12-28T03:18:26+00:00 https://detection.fyi/tags/attack.s0483/ 2022-12-28T03:18:26+00:00 https://detection.fyi/tags/attack.t1027.006/ 2022-12-28T03:18:26+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_htmlsmuggling/3_win_security_iso_mount/ 2022-12-28T03:18:26+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_htmlsmuggling/2_win_susp_file_extraction/ 2022-12-28T03:18:26+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_htmlsmuggling/4_win_process_creation_ext_drive_old/ 2022-12-28T03:18:26+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_htmlsmuggling/4_win_process_creation_ext_drive/ 2022-12-28T03:18:26+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_htmlsmuggling/1_win_zipfile_drop/ 2022-12-28T03:18:26+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_renamesystemutilities/ 2022-12-12T15:34:14+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_renamesystemutilities/proc_creation_susp_rcedit_execution/ 2022-12-12T15:34:14+00:00 https://detection.fyi/tags/attack.s1020/ 2022-12-12T03:07:58+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_renamesystemutilities/file_creation_exe_extension/ 2022-12-12T03:07:58+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_renamesystemutilities/file_creation_exe_in_temp_directories_4663/ 2022-12-12T03:07:58+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_renamesystemutilities/proc_creation_non_exe_demo/ 2022-12-12T03:07:58+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_blackcat_ransomware/win_susp_process_blackcat_execution/ 2022-12-06T01:42:55+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_blackcat_ransomware/win_susp_process_blackcat_execution_getuuid/ 2022-12-06T01:42:55+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_blackcat_ransomware/win_susp_process_fsutil_allowing_connections/ 2022-12-06T01:42:55+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_blackcat_ransomware/win_susp_process_exec_in_perflogs_path/ 2022-12-06T01:42:55+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_blackcat_ransomware/win_susp_process_maxmpxct_reg_mod/ 2022-12-06T01:42:55+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_vicesociety_ransomware/win_exe_deployment_from_remote_share_vsociety/ 2022-11-29T00:44:54+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_vicesociety_ransomware/win_ntdsutil_credential_theft_vsociety/ 2022-11-29T00:44:54+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_vicesociety_ransomware/win_susp_reg_defender_tampering_vsociety/ 2022-11-29T00:44:54+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_vicesociety_ransomware/win_encrypted_extension_file_creation_vsociety/ 2022-11-29T00:44:54+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/powershell_encoded_flag/ 2022-11-29T00:44:13+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_hive_ransomware/ 2022-11-22T22:49:36+00:00 https://detection.fyi/tags/attack.g0092/ 2022-11-22T22:49:36+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_hive_ransomware/win_bcd_registry_modification_hive/ 2022-11-22T22:49:36+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_hive_ransomware/win_susp_wevtutil_hive/ 2022-11-22T22:49:36+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_hive_ransomware/win_susp_bcdedit_hive/ 2022-11-22T22:49:36+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelldownloadandexecuteiex/ 2022-11-21T06:24:23+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_qakbot/win_qakbot_susp_schtasks_process_trellix/ 2022-11-19T20:42:21+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_qakbot/win_qakbot_susp_calc_dll_load_trellix/ 2022-11-19T20:20:31+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_qakbot/win_qakbot_dropped_file_creation_sysmon/ 2022-11-18T05:03:18+00:00 https://detection.fyi/joesecurity/sigma-rules/medusalocker/ 2022-11-11T12:11:37+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_chromeloader/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_gootloader/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/lsass_susp_parent_child_relationships/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/lsass_process_access_injection/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/powershell_disable_defender_components/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/powershell_modify_defender_components/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/rundll32_app_bypass_dllregisterserver/ 2022-11-09T18:36:17+00:00 https://detection.fyi/tags/attack.s0386/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/cmd_powershell_base64/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/bitsadmin_mal_download/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/certutil_mal_download/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_chromeloader/chrome_loadextension_chromeloader/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_chromeloader/cmd_external_drive_batch_script_execution_chromeloader/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/cmd_bypassing_security_controls/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/cmd_obfuscated_commands/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/cmd_susp_process_ancestry/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_gootloader/registry_key_creation_gootloader/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/powershell_base64/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/powershell_process_injection/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/powershell_high_count_susp_chars/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/notepad_internal_name_mismatch/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/notpowershell_unusual_commandline/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/process_execution_without_commandline/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/rundll32_susp_export_functionality/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/rundll32_susp_process_ancestry/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/rundll32_without_commandline/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/powershell_susp_cmdlets/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/powershell_susp_wmi_cmdlets/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/svchost_wout_normal_parameters/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/powershell_renamed/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/schtasks_susp_behavior/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/schtasks_create_shell/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/schtasks_network_connections/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/wmic_shadow_copy_deletion/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/wmi_recon_activity/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/wmi_susp_process_lineage/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_redcanary_threatdetectionreport/wmic_susp_commands/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_gootloader/wscript_execution_in_appdata_gootloader/ 2022-11-09T18:36:17+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_solarmarker/ 2022-11-09T18:31:06+00:00 https://detection.fyi/mbabinski/sigma-rules/2022_solarmarker/win_susp_file_ext_reg_key/ 2022-11-09T18:31:06+00:00 https://detection.fyi/tags/configuration-audit/ 2022-11-09T17:51:52+00:00 https://detection.fyi/tags/gcp/ 2022-11-09T17:51:52+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/privilege_escalation_gcp_kubernetes_rolebindings_created_or_patched/ 2022-11-09T17:51:52+00:00 https://detection.fyi/joesecurity/sigma-rules/remcos/ 2022-11-09T05:54:13+00:00 https://detection.fyi/joesecurity/sigma-rules/sodinokibi/ 2022-11-02T11:46:45+00:00 https://detection.fyi/joesecurity/sigma-rules/copyfiletostartupviapowershell/ 2022-10-28T06:08:42+00:00 https://detection.fyi/joesecurity/sigma-rules/stopmultipleservices/ 2022-10-11T06:38:13+00:00 https://detection.fyi/tags/apm/ 2022-09-19T17:56:03+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/apm_null_user_agent/ 2022-09-19T17:56:03+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelldropsnetsupportratclient/ 2022-08-30T11:56:23+00:00 https://detection.fyi/joesecurity/sigma-rules/vjw0rm/ 2022-08-30T07:40:25+00:00 https://detection.fyi/tags/command-and-control/ 2022-08-03T01:59:35+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_dns_directly_to_the_internet/ 2022-08-03T01:59:35+00:00 https://detection.fyi/tags/credential-access/ 2022-08-01T16:28:26+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/privilege_escalation_krbrelayup_suspicious_logon/ 2022-08-01T16:28:26+00:00 https://detection.fyi/tags/privilege-escalation/ 2022-08-01T16:28:26+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/privilege_escalation_linux_strace_activity/ 2022-07-29T16:25:49+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_attempt_to_disable_iptables_or_firewall/ 2022-07-26T13:18:25+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/initial_access_login_time/ 2022-07-26T13:18:25+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/initial_access_login_location/ 2022-07-26T13:18:25+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/initial_access_login_failures/ 2022-07-26T13:18:25+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/initial_access_login_sessions/ 2022-07-26T13:18:25+00:00 https://detection.fyi/tags/execution/ 2022-07-26T13:18:25+00:00 https://detection.fyi/tags/initial-access/ 2022-07-26T13:18:25+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_linux_process_started_in_temp_directory/ 2022-07-26T13:18:25+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/cve-2022-26134/cve-2022-26134_confluence_exploit_activity_webserver/ 2022-07-13T06:20:35+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/cve-2022-26134/ 2022-07-13T06:20:35+00:00 https://detection.fyi/loginsoft-research/detection-rules/ 2022-07-13T06:20:35+00:00 https://detection.fyi/loginsoft-research/ 2022-07-13T06:20:35+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/ 2022-07-13T06:20:35+00:00 https://detection.fyi/tags/gtfobins/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_apt_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_awk_binary_shell/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_busybox_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_c89_c99_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_cpulimit_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_crash_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_env_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_flock_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_expect_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_find_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_gcc_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_mysql_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_ssh_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_vi_binary/ 2022-05-25T03:02:53+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/privilege_escalation_printspooler_malicious_registry_modification/ 2022-03-17T22:39:36+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/privilege_escalation_printspooler_malicious_driver_file_changes/ 2022-03-17T22:39:36+00:00 https://detection.fyi/joesecurity/sigma-rules/dropsscriptatstartuplocation/ 2022-03-15T11:31:24+00:00 https://detection.fyi/joesecurity/sigma-rules/bitsadmindownloadandexecute/ 2021-12-10T07:17:45+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/ 2021-11-01T13:26:08+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2021-22205/ 2021-11-01T13:26:08+00:00 https://detection.fyi/tags/asset-visibility/ 2021-10-26T15:26:20+00:00 https://detection.fyi/tags/aws/ 2021-10-26T15:26:20+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/exfiltration_rds_snapshot_export/ 2021-10-26T15:26:20+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_mshta_making_network_connections/ 2021-10-20T05:47:36+00:00 https://detection.fyi/joesecurity/sigma-rules/executedllwithspoofedextension/ 2021-10-15T09:37:03+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelldecryptandexecutebase64data/ 2021-09-30T04:57:10+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2020-15568/ 2021-09-29T05:14:12+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2018-20057/ 2021-09-24T06:04:13+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2012-1922/ 2021-09-24T06:02:58+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2021-26084/ 2021-09-24T06:02:09+00:00 https://detection.fyi/joesecurity/sigma-rules/dropsfakesystemfileatsystemrootdrive/ 2021-08-13T08:21:08+00:00 https://detection.fyi/joesecurity/sigma-rules/powershellruncodefromregistry/ 2021-08-12T08:15:51+00:00 https://detection.fyi/joesecurity/sigma-rules/runcertutilfromsuspiciouslocation/ 2021-07-30T08:20:21+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/initial_access_rdp_remote_desktop_protocol_to_the_internet/ 2021-07-29T18:56:13+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_ssh_secure_shell_from_the_internet/ 2021-07-29T18:56:13+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_ssh_secure_shell_to_the_internet/ 2021-07-29T18:56:13+00:00 https://detection.fyi/joesecurity/sigma-rules/limerat/ 2021-07-22T13:43:24+00:00 https://detection.fyi/joesecurity/sigma-rules/scheduletempfileastaskfromtemplocation/ 2021-06-28T11:09:33+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2021-22986/ 2021-06-28T04:25:58+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2019-10040/ 2021-06-28T04:24:53+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2020-25506/ 2021-06-28T04:23:56+00:00 https://detection.fyi/joesecurity/sigma-rules/msiexecdownloadandexecute/ 2021-05-25T10:33:27+00:00 https://detection.fyi/joesecurity/sigma-rules/schedulesystemprocess/ 2021-05-19T10:51:50+00:00 https://detection.fyi/joesecurity/sigma-rules/addfilefromsuspiciouslocationtoautostartregistry/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/antivm/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/applockerbypassviaregsvr32/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/checkexternalipviapowershell/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/checkprivilegeofcmdviawhoami/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/copyitselftosuspiciouslocationviatypecommand/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/credwizutildroppedbymshtafordllsideloading/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/decodedllviacertutil/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/decodestringsfromlnkviafindstr/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/deleteshadowcopyviapowershell/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/deleteshadowcopyviawmic/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/dropsadllwithwllextensiontothestartup/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/eqnedt32connectingtointernet/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/exelaunchedbyreflectiveloaderdll/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/executedllwithtxtextensionfromtemplocation/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/executescriptwithspoofedextension/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/executescriptletfrominternetviaregsvr32/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/executescriptletviaregsvr32/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/filedroppedbyeqnedt32exe/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/fodhelperuacbypass/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/geofencedru/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/getantivirusdetailsviawmicquery/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/hidecopyanddeleteitself/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/icediddownloader/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/killmultipleprocess/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/msbuildconnectstosmtpport/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/msbuildexecutesuspicoustask/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/msbuildlaunchedbyscr/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/mshtadownloadpastebin/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/nanocore/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/netwire/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/officeproductdropsexecutableatsuspiciouslocation/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/officeproductdropsscriptatsuspiciouslocation/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelladdexclusionpathextensionandprocess/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelladdingsuspiciouspathtoexclusionlist/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershellcreatelnkinstartup/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelldelayedexecutionviapingcommand/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelldownloadfileandshellexecute/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelldownloadfilefrombase64url/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelldownloadpayloadfromhardcodedc2list/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershellexecutecodefromregistry/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelliexdownloadinbase64/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelllaunchwmicviaclass/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelllaunchwscript/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershelllaunchedbywinword/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershellloadassemblyfrominternet/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershellloadassemblyfromregistry/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/powershellregistryexecutionviawmic/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/quasar/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/reflectiveloader/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/regasmconnectstosmtpport/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/registerdllatautostartlocationviaregsvr32/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/registerwscriptinrunkey/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/renamesystemprocessandcopytosuspiciouslocation/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/renamedmshtalaunchinghtml/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/rmsremoteadmin/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/runtempfileviaregsvr32/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/rundll32launchmshtaandrunscriptfrominternet/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/rundll32rundllfrominternet/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/ryuk/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/schedulebinaryfromdotnetdirectory/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/schedulecertutilwindowsbinary/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/scheduleregsvrwindowsbinary/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/schedulescriptastask/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/schedulescriptfrominternetviamshta/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/schedulevbsfromappdata/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/shedulepowershellwithencodedcommandparameter/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/stealgooglechromelogindata/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/wakeonlan/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/winworddropsscriptinstartup/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/wmicdownloadviamsiexec/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/wmiclaunchmsiexec/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/wmiclaunchpowershellandexecuteencryptedscript/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/wmiclaunchregsvr32/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/wmiclaunchscriptfromxslfile/ 2021-05-03T10:45:23+00:00 https://detection.fyi/joesecurity/sigma-rules/wscriptlaunchedbypowershell/ 2021-05-03T10:45:23+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_base64_encoding_or_decoding_activity/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_ftp_file_transfer_protocol_activity_to_the_internet/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_hex_encoding_or_decoding_activity/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_irc_internet_relay_chat_protocol_activity_to_the_internet/ 2021-04-21T19:10:06+00:00 https://detection.fyi/tags/macos/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/linux_mknod_activity/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/credential_access_tcpdump_activity/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/linux_nmap_activity/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_kernel_module_activity/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/persistence_cron_jobs_creation_and_runtime/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_command_shell_started_by_powershell/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_pptp_point_to_point_tunneling_protocol_activity/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_proxy_port_activity_to_the_internet/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/discovery_query_registry_via_reg/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_smtp_to_the_internet/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/linux_socat_activity/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_sql_server_port_activity_to_the_internet/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_port_8000_activity_to_the_internet/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/command_and_control_tor_activity_to_the_internet/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/discovery_whoami_commmand/ 2021-04-21T19:10:06+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/discovery_process_discovery_via_tasklist_command/ 2021-04-15T20:18:56+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/defense_evasion_execution_via_trusted_developer_utilities/ 2021-04-15T20:15:38+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/execution_via_net_com_assemblies/ 2021-03-19T09:05:09+00:00 https://detection.fyi/elastic/detection-rules/_deprecated/privilege_escalation_setgid_bit_set_via_chmod/ 2021-03-17T05:31:33+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/ 2020-09-17T09:45:41+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/aspdotnet/anomaly_aspdotnet_high/ 2020-09-17T09:45:41+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/aspdotnet/ 2020-09-17T09:45:41+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/spring-framework/anomaly_spring_high/ 2020-09-17T09:42:24+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/spring-framework/ 2020-09-17T09:42:24+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/tomcat/anomaly_tomcat_critical/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/tomcat/anomaly_tomcat_high/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/tomcat/anomaly_tomcat_low/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/nginx/anomaly_nginx_critical/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/nginx/anomaly_nginx_high/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/nginx/anomaly_nginx_low/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/wildfly/anomaly_wildfly_critical/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/wildfly/anomaly_wildfly_high/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/tomcat/cve-2002-2006/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/nginx/cve-2009-3898/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/nginx/cve-2009-4487/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/nginx/cve-2010-2263/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/nginx/cve-2010-2266/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/nginx/cve-2013-2028/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/nginx/cve-2013-4547/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2016-10134/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/tomcat/cve-2016-6816/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/httpd/cve-2017-12615/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/tomcat/cve-2017-12617/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2017-14849/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/httpd/cve-2017-15715/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/drupal/cve-2017-6920/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/nginx/cve-2017-7529/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/httpd/cve-2017-7659/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/httpd/cve-2018-11759/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2018-12613/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2018-7490/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/drupal/cve-2018-7600/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/drupal/cve-2018-7602/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/tomcat/cve-2019-0232/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/httpd/cve-2019-10092/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/httpd/cve-2019-10097/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/httpd/cve-2019-10098/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/drupal/cve-2019-6339/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/drupal/cve-2019-6340/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2020-12112/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2020-12443/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/drupal/cve-2020-13662/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/httpd/cve-2020-1927/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/tomcat/cve-2020-1938/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2020-5722/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/active-exploits/cve-2020-8515/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/tomcat/cve-2020-9484/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/drupal/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/httpd/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/nginx/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/nginx/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/tomcat/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/threat-detection/tomcat/ 2020-08-21T06:07:48+00:00 https://detection.fyi/loginsoft-research/detection-rules/anomaly-detection/wildfly/ 2020-08-21T06:07:48+00:00 https://detection.fyi/categories/ https://detection.fyi/search/ https://detection.fyi/series/