Rule Library

Sigma Rules

1 rule found for "Huntress Team"

3,707Total

3,116Detection

451Emerging

137Hunting

Filters

Type

Severity

Status

Product

Suspicious Child Process of SolarWinds WebHelpDesk

Detects suspicious child processes spawned by SolarWinds WebHelpDesk (WHD) application, which may indicate exploitation activity leveraging RCE vulnerabilities such as CVE-2025-40551, CVE-2025-40536, or CVE-2025-26399

WindowsProcess Creation

TA0001 · Initial AccessT1190 · Exploit Public-Facing Applicationcve.2025-26399cve.2025-40536+2

Huntress Team+1Wed Feb 112025