Rule Library
Sigma Rules
3 rules found for "Thurein Oo"
3,707 Total
3,116 Detection
451 Emerging
137 Hunting
Emerging Threat, high, test
Potential Information Disclosure CVE-2023-43261 Exploitation - Proxy
Detects, in proxy logs, exploitation attempts of CVE-2023-43261, an information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 that allows attackers to access sensitive router components.
Proxy Log
TA0001 · Initial Access, T1190 · Exploit Public-Facing Application, cve.2023-43621, detection.emerging-threats
Nasreddine Bencherchali (Nextron Systems) +1, Fri Oct 20 2023
Emerging Threat, high, test
Potential Information Disclosure CVE-2023-43261 Exploitation - Web
Detects, in access logs, exploitation attempts of CVE-2023-43261, an information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 that allows attackers to access sensitive router components.
Web Server Log
TA0001 · Initial Access, T1190 · Exploit Public-Facing Application, cve.2023-43621, detection.emerging-threats
Nasreddine Bencherchali (Nextron Systems) +1, Fri Oct 20 2023
Emerging Threat, high, test
Lazarus APT DLL Sideloading Activity
Detects sideloading of trojanized DLLs used in a Lazarus APT campaign in the case of a Spanish aerospace company.
Windows, Image Load (DLL)
TA0005 · Defense Evasion, TA0004 · Privilege Escalation, TA0003 · Persistence, T1574.001 · DLL Search Order Hijacking, +2
Thurein Oo +1, Wed Oct 18 2023