Rule Library
Sigma Rules
3 rules found for "Nuttakorn T"
3,707Total
3,116Detection
451Emerging
137Hunting
Emerging Threatcriticalstable
Antivirus PrinterNightmare CVE-2021-34527 Exploit Detection
Detects the suspicious file that is created from PoC code against Windows Print Spooler Remote Code Execution Vulnerability CVE-2021-34527 (PrinterNightmare), CVE-2021-1675 .
Antivirus Alert
TA0005 · Defense EvasionTA0004 · Privilege EscalationT1055 · Process Injectiondetection.emerging-threats+2
Sittikorn S+2Thu Jul 012021
Emerging Threathightest
Potential CVE-2021-26084 Exploitation Attempt
Detects potential exploitation of CVE-2021-260841 a Confluence RCE using OGNL injection
Web Server Log
TA0001 · Initial AccessT1190 · Exploit Public-Facing Applicationcve.2021-26084detection.emerging-threats
Sittikorn S+1Tue Dec 132021
Emerging Threatcriticaltest
CVE-2021-40539 Zoho ManageEngine ADSelfService Plus Exploit
Detects an authentication bypass vulnerability affecting the REST API URLs in ADSelfService Plus (CVE-2021-40539).
Web Server Log
TA0001 · Initial AccessT1190 · Exploit Public-Facing ApplicationTA0003 · PersistenceT1505.003 · Web Shell+2
Sittikorn S+1Fri Sep 102021