Rule Library
Sigma Rules
2 rules found
3,707 Total
3,116 Detection
451 Emerging
137 Hunting
Detection · low · stable
Cleartext Protocol Usage
Ensure that all account usernames and authentication credentials are transmitted across networks using encrypted channels. Ensure that encryption is used for all sensitive information in transit. Ensure that encrypted channels are used for all administrative account access.
Firewall
TA0006 · Credential Access
Alexandr Yampolskyi +2 · Tue Mar 26 · network
Emerging Threat · high · test
Equation Group C2 Communication
Detects communication to C2 servers mentioned in the operational notes of the ShadowBroker leak of EquationGroup C2 tools
Firewall
TA0010 · Exfiltration | TA0011 · Command and Control | G0020 · G0020 | T1041 · Exfiltration Over C2 Channel | +1
Florian Roth (Nextron Systems) · Sat Apr 15 · 2017