Rule Library
Sigma Rules
6 rules found for "remotephone"
3,707Total
3,116Detection
451Emerging
137Hunting
Detectioninformationaltest
System Network Discovery - Linux
Detects enumeration of local network configuration
LinuxProcess Creation
TA0007 · DiscoveryT1016 · System Network Configuration Discovery
Ömer Günal and remotephone+1Tue Oct 06linux
Detectionmediumtest
Indicator Removal on Host - Clear Mac System Logs
Detects deletion of local audit logs
macOSProcess Creation
TA0005 · Defense EvasionT1070.002 · Clear Linux or Mac System Logs
remotephone+1Sun Oct 11macos
Detectionlowtest
GUI Input Capture - macOS
Detects attempts to use system dialog prompts to capture user credentials
macOSProcess Creation
TA0009 · CollectionTA0006 · Credential AccessT1056.002 · GUI Input Capture
remotephone+1Tue Oct 13macos
Detectionlowtest
Screen Capture - macOS
Detects attempts to use screencapture to collect macOS screenshots
macOSProcess Creation
TA0009 · CollectionT1113 · Screen Capture
remotephone+1Tue Oct 13macos
Detectionlowtest
Space After Filename - macOS
Detects attempts to masquerade as legitimate files by adding a space to the end of the filename.
macOSProcess Creation
TA0005 · Defense EvasionT1036.006 · Space after Filename
remotephoneSat Nov 20macos
Detectioninformationaltest
System Network Discovery - macOS
Detects enumeration of local network configuration
macOSProcess Creation
TA0007 · DiscoveryT1016 · System Network Configuration Discovery
remotephone+1Tue Oct 06macos