Rule Library
Sigma Rules
2 rules found for "Tim Burrell"
3,707 Total
3,116 Detection
451 Emerging
137 Hunting
Emerging Threat | high | test
GALLIUM IOCs
Detects artifacts associated with GALLIUM cyber espionage group as reported by Microsoft Threat Intelligence Center in the December 2019 report.
Windows | Process Creation
TA0006 · Credential Access | TA0011 · Command and Control | T1212 · Exploitation for Credential Access | T1071 · Application Layer Protocol | +2
Tim Burrell | Fri Feb 07 2020
Emerging Threat | high | test
GALLIUM Artefacts - Builtin
Detects artefacts associated with activity group GALLIUM - Microsoft Threat Intelligence Center indicators released in December 2019.
Windows | dns-server-analytic
TA0006 · Credential Access | TA0011 · Command and Control | T1071 · Application Layer Protocol | detection.emerging-threats
Tim Burrell | Fri Feb 07 2020