Rule Library

Sigma Rules

2 rules found for "Arnim Rupp"

3,707Total

3,116Detection

451Emerging

137Hunting

Filters

Type

Severity

Status

Product

Citrix Netscaler Attack CVE-2019-19781

Detects CVE-2019-19781 exploitation attempt against Citrix Netscaler, Application Delivery Controller and Citrix Gateway Attack

Web Server Log

TA0001 · Initial AccessT1190 · Exploit Public-Facing Applicationcve.2019-19781detection.emerging-threats

Arnim Rupp+1Thu Jan 022019

Emerging Threathightest

Potential Exploitation of CVE-2024-3094 - Suspicious SSH Child Process

Detects potentially suspicious child process of SSH process (sshd) with a specific execution user. This could be a sign of potential exploitation of CVE-2024-3094.

LinuxProcess Creation

TA0002 · Executioncve.2024-3094detection.emerging-threats

Arnim Rupp+2Mon Apr 012024