Amsi.DLL Load By Uncommon Process
Jun 1, 2023
·
attack.defense_evasion
attack.impact
attack.t1490
Potential Suspicious Change To Sensitive/Critical Files
May 30, 2023
·
attack.impact
attack.t1565.001
Suspicious Volume Shadow Copy VSS_PS.dll Load
May 23, 2023
·
attack.defense_evasion
attack.impact
attack.t1490
Potential Active Directory Enumeration Using AD Module - PsModule
May 15, 2023
·
attack.reconnaissance
attack.discovery
attack.impact
Suspicious Appended Extension
May 15, 2023
·
attack.impact
attack.t1486
Potential Ransomware Activity Using LegalNotice Message
May 11, 2023
·
attack.impact
attack.t1491.001
Nginx Core Dump
May 8, 2023
·
attack.impact
attack.t1499.004
Suspicious Volume Shadow Copy Vssapi.dll Load
May 3, 2023
·
attack.defense_evasion
attack.impact
attack.t1490
Apache Segmentation Fault
Apr 19, 2023
·
attack.impact
attack.t1499.004
Network Communication With Crypto Mining Pool
Apr 18, 2023
·
attack.impact
attack.t1496
Application Uninstalled
Apr 14, 2023
·
attack.impact
attack.t1489
Audit CVE Event
Apr 14, 2023
·
attack.execution
attack.t1203
attack.privilege_escalation
attack.t1068
attack.defense_evasion
attack.t1211
attack.credential_access
attack.t1212
attack.lateral_movement
attack.t1210
attack.impact
attack.t1499.004
NTFS Vulnerability Exploitation
Apr 14, 2023
·
attack.impact
attack.t1499.001
Windows Update Error
Apr 14, 2023
·
attack.impact
attack.resource_development
attack.t1584
Silence.EDA Detection
Apr 11, 2023
·
attack.execution
attack.t1059.001
attack.command_and_control
attack.t1071.004
attack.t1572
attack.impact
attack.t1529
attack.g0091
attack.s0363
Suspicious Volume Shadow Copy Vsstrace.dll Load
Mar 28, 2023
·
attack.defense_evasion
attack.impact
attack.t1490
Stop Windows Service Via Net.EXE
Mar 7, 2023
·
attack.impact
attack.t1489
Stop Windows Service Via PowerShell Stop-Service
Mar 7, 2023
·
attack.impact
attack.t1489
Stop Windows Service Via Sc.EXE
Mar 7, 2023
·
attack.impact
attack.t1489
Copy From VolumeShadowCopy Via Cmd.EXE
Mar 7, 2023
·
attack.impact
attack.t1490
Potential Crypto Mining Activity
Mar 5, 2023
·
attack.impact
attack.t1496
Suspicious Execution of Shutdown to Log Out
Mar 5, 2023
·
attack.impact
attack.t1529
Deletion of Volume Shadow Copies via WMI with PowerShell
Mar 2, 2023
·
attack.impact
attack.t1490
Suspicious Execution of Shutdown
Mar 2, 2023
·
attack.impact
attack.t1529
Suspicious Execution of Taskkill
Mar 2, 2023
·
attack.impact
attack.t1489
Potential File Overwrite Via Sysinternals SDelete
Feb 28, 2023
·
attack.impact
attack.t1485
Renamed Sysinternals Sdelete Execution
Feb 24, 2023
·
attack.impact
attack.t1485
Deleted Data Overwritten Via Cipher.EXE
Feb 22, 2023
·
attack.impact
attack.t1485
AADInternals PowerShell Cmdlets Execution - ProccessCreation
Feb 21, 2023
·
attack.execution
attack.reconnaissance
attack.discovery
attack.credential_access
attack.impact
Delete All Scheduled Tasks
Feb 21, 2023
·
attack.impact
attack.t1489
Delete Important Scheduled Task
Feb 21, 2023
·
attack.impact
attack.t1489
Disable Important Scheduled Task
Feb 21, 2023
·
attack.impact
attack.t1489
Suspicious Reg Add BitLocker
Feb 21, 2023
·
attack.impact
attack.t1486
Backup Files Deleted
Feb 17, 2023
·
attack.impact
attack.t1490
Boot Configuration Tampering Via Bcdedit.EXE
Feb 15, 2023
·
attack.impact
attack.t1490
Important Scheduled Task Deleted
Feb 8, 2023
·
attack.impact
attack.t1489
AADInternals PowerShell Cmdlets Execution - PsScript
Feb 6, 2023
·
attack.execution
attack.reconnaissance
attack.discovery
attack.credential_access
attack.impact
Github Self Hosted Runner Changes Detected
Feb 6, 2023
·
attack.impact
attack.discovery
attack.collection
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.initial_access
attack.t1526
attack.t1213.003
attack.t1078.004
SystemStateBackup Deleted Using Wbadmin.EXE
Feb 5, 2023
·
attack.impact
attack.t1490
Commands to Clear or Remove the Syslog - Builtin
Feb 1, 2023
·
attack.impact
attack.t1565.001
History File Deletion
Feb 1, 2023
·
attack.impact
attack.t1565.001
Monero Crypto Coin Mining Pool Lookup
Feb 1, 2023
·
attack.impact
attack.t1496
attack.t1567
Sensitive Registry Access via Volume Shadow Copy
Feb 1, 2023
·
attack.impact
attack.t1490
Suspicious Log Entries
Feb 1, 2023
·
attack.impact
Github Delete Action Invoked
Jan 30, 2023
·
attack.impact
attack.collection
attack.t1213.003
Remove Account From Domain Admin Group
Jan 27, 2023
·
attack.impact
attack.t1531
Replace Desktop Wallpaper by Powershell
Jan 27, 2023
·
attack.impact
attack.t1491.001
Suspicious Creation TXT File in User Desktop
Jan 27, 2023
·
attack.impact
attack.t1486
Potential Active Directory Enumeration Using AD Module - ProcCreation
Jan 22, 2023
·
attack.reconnaissance
attack.discovery
attack.impact
Potential Active Directory Enumeration Using AD Module - PsScript
Jan 22, 2023
·
attack.reconnaissance
attack.discovery
attack.impact