Rule Library
Sigma Rules
2 rules found for "APT29-CozyBear"
3,731Total
3,132Detection
457Emerging
139Hunting
Emerging Threatcriticalstable
APT29 2018 Phishing Campaign File Indicators
Detects indicators of APT 29 (Cozy Bear) phishing-campaign as reported by mandiant
WindowsFile Event
@41thexplorerTue Nov 202018
Emerging Threatcriticalstable
APT29 2018 Phishing Campaign CommandLine Indicators
Detects indicators of APT 29 (Cozy Bear) phishing-campaign as reported by mandiant
WindowsProcess Creation
Florian Roth (Nextron Systems)Tue Nov 202018