Rule Library

Sigma Rules

2 rules found for "wagga"

3,707Total

3,116Detection

451Emerging

137Hunting

Filters

Type

Severity

Status

Product

Category

Emerging Threathightest

CVE-2020-0688 Exploitation via Eventlog

Detects the exploitation of Microsoft Exchange vulnerability as described in CVE-2020-0688

Windowsapplication

TA0001 · Initial AccessT1190 · Exploit Public-Facing Applicationcve.2020-0688detection.emerging-threats

Florian Roth (Nextron Systems)+1Sat Feb 292020

Emerging Threatcriticaltest

Lazarus Group Activity

Detects different process execution behaviors as described in various threat reports on Lazarus group activity

WindowsProcess Creation

G0032 · Lazarus GroupTA0002 · ExecutionT1059 · Command and Scripting Interpreterdetection.emerging-threats

Florian Roth (Nextron Systems)+1Wed Dec 232020