Potential Persistence Via GlobalFlags
Jun 5, 2023
·
attack.privilege_escalation
attack.persistence
attack.defense_evasion
attack.t1546.012
car.2013-01-002
·
Potential SmadHook.DLL Sideloading
Jun 2, 2023
·
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
Potential Azure Browser SSO Abuse
Jun 1, 2023
·
attack.defense_evasion
attack.privilege_escalation
attack.t1574.002
·
Potential Goopdate.DLL Sideloading
May 20, 2023
·
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
Potential WWlib.DLL Sideloading
May 18, 2023
·
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
LiveKD Driver Creation
May 17, 2023
·
attack.defense_evasion
attack.privilege_escalation
·
LiveKD Driver Creation By Uncommon Process
May 17, 2023
·
attack.defense_evasion
attack.privilege_escalation
·
LiveKD Kernel Memory Dump File Created
May 17, 2023
·
attack.defense_evasion
attack.privilege_escalation
·
Windows Kernel Debugger Execution
May 17, 2023
·
attack.defense_evasion
attack.privilege_escalation
·
Potential System DLL Sideloading From Non System Locations
May 16, 2023
·
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
Potential RoboForm.DLL Sideloading
May 15, 2023
·
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
Potential Chrome Frame Helper DLL Sideloading
May 15, 2023
·
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
Potential Wazuh Security Platform DLL Sideloading
May 15, 2023
·
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
PSEXEC Remote Execution File Artefact
May 15, 2023
·
attack.lateral_movement
attack.privilege_escalation
attack.execution
attack.persistence
attack.t1136.002
attack.t1543.003
attack.t1570
attack.s0029
·
PUA - Process Hacker Driver Load
May 15, 2023
·
attack.privilege_escalation
cve.2021.21551
attack.t1543
·
PUA - System Informer Driver Load
May 15, 2023
·
attack.privilege_escalation
attack.t1543
·
Potential DLL Sideloading Of Libcurl.DLL Via GUP.EXE
May 9, 2023
·
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
Potential Persistence Via PowerShell User Profile Using Add-Content
May 9, 2023
·
attack.persistence
attack.privilege_escalation
attack.t1546.013
·
Suspicious Child Process Of SQL Server
May 9, 2023
·
attack.t1505.003
attack.t1190
attack.initial_access
attack.persistence
attack.privilege_escalation
·
Suspicious Child Process Of Veeam Dabatase
May 9, 2023
·
attack.initial_access
attack.persistence
attack.privilege_escalation
·
Potential SolidPDFCreator.DLL Sideloading
May 8, 2023
·
attack.defense_evasion
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
Remote Thread Creation By Uncommon Source Image
May 5, 2023
·
attack.privilege_escalation
attack.defense_evasion
attack.t1055
·
Process Explorer Driver Creation By Non-Sysinternals Binary
May 5, 2023
·
attack.persistence
attack.privilege_escalation
attack.t1068
·
Process Monitor Driver Creation By Non-Sysinternals Binary
May 5, 2023
·
attack.persistence
attack.privilege_escalation
attack.t1068
·
Potential DLL Sideloading Of DBGCORE.DLL
May 5, 2023
·
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
Potential DLL Sideloading Of DBGHELP.DLL
May 5, 2023
·
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
Remote Thread Creation In Uncommon Target Image
May 5, 2023
·
attack.defense_evasion
attack.privilege_escalation
attack.t1055.003
·
Standard User In High Privileged Group
May 5, 2023
·
attack.credential_access
attack.privilege_escalation
·
DiagTrackEoP Default Login Username
May 2, 2023
·
attack.privilege_escalation
·
KDC RC4-HMAC Downgrade CVE-2022-37966
May 2, 2023
·
attack.privilege_escalation
·
KrbRelayUp Attack Pattern
May 2, 2023
·
attack.privilege_escalation
attack.credential_access
·
Potential Access Token Abuse
May 2, 2023
·
attack.defense_evasion
attack.privilege_escalation
attack.t1134.001
·
Remote WMI ActiveScriptEventConsumers
May 2, 2023
·
attack.lateral_movement
attack.privilege_escalation
attack.persistence
attack.t1546.003
·
RottenPotato Like Attack Pattern
May 2, 2023
·
attack.privilege_escalation
attack.credential_access
attack.t1557.001
·
Suspicious Elevated System Shell
Apr 20, 2023
·
attack.privilege_escalation
attack.defense_evasion
attack.execution
attack.t1059
·
Potential Libvlc.DLL Sideloading
Apr 17, 2023
·
attack.defense_evasion
attack.persistence
attack.privilege_escalation
attack.t1574.001
attack.t1574.002
·
Audit CVE Event
Apr 14, 2023
·
attack.execution
attack.t1203
attack.privilege_escalation
attack.t1068
attack.defense_evasion
attack.t1211
attack.credential_access
attack.t1212
attack.lateral_movement
attack.t1210
attack.impact
attack.t1499.004
·
CobaltStrike Service Installations - System
Apr 14, 2023
·
attack.execution
attack.privilege_escalation
attack.lateral_movement
attack.t1021.002
attack.t1543.003
attack.t1569.002
·
KrbRelayUp Service Installation
Apr 14, 2023
·
attack.privilege_escalation
attack.t1543
·
Meterpreter or Cobalt Strike Getsystem Service Installation - System
Apr 14, 2023
·
attack.privilege_escalation
attack.t1134.001
attack.t1134.002
·
Moriya Rootkit - System
Apr 14, 2023
·
attack.persistence
attack.privilege_escalation
attack.t1543.003
·
New PDQDeploy Service - Client Side
Apr 14, 2023
·
attack.privilege_escalation
attack.t1543.003
·
New PDQDeploy Service - Server Side
Apr 14, 2023
·
attack.privilege_escalation
attack.t1543.003
·
ProcessHacker Privilege Elevation
Apr 14, 2023
·
attack.execution
attack.privilege_escalation
attack.t1543.003
attack.t1569.002
·
Service Installation in Suspicious Folder
Apr 14, 2023
·
attack.persistence
attack.privilege_escalation
car.2013-09-005
attack.t1543.003
·
Service Installation with Suspicious Folder Pattern
Apr 14, 2023
·
attack.persistence
attack.privilege_escalation
car.2013-09-005
attack.t1543.003
·
Service Installed By Unusual Client - System
Apr 14, 2023
·
attack.privilege_escalation
attack.t1543
·
Sliver C2 Default Service Installation
Apr 14, 2023
·
attack.execution
attack.privilege_escalation
attack.t1543.003
attack.t1569.002
·
Suspicious Service Installation Script
Apr 14, 2023
·
attack.persistence
attack.privilege_escalation
car.2013-09-005
attack.t1543.003
·
Vulnerable Netlogon Secure Channel Connection Allowed
Apr 14, 2023
·
attack.privilege_escalation
attack.t1548
·