valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 09:48:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update sysmon_lazagne_cred_dump_lsass_access.yml

Browse Source
This commit is contained in:
Jonhnathan 2020-11-20 01:33:04 -03:00 committed by GitHub
parent ebd9973dcb
commit 240a8b9aa0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rules/windows/process_access/sysmon_lazagne_cred_dump_lsass_access.yml
View File

@ -3,7 +3,7 @@ id: 4b9a8556-99c4-470b-a40c-9c8d02c77ed0
description: Detects LSASS process access by LaZagne for credential dumping.
status: stable
date: 2020/09/09
author: Bhabesh Raj
author: Bhabesh Raj, Jonhnathan Ribeiro
references:
- https://twitter.com/bh4b3sh/status/1303674603819081728
tags: