SigmaHQ/rules
GelosSnake 9f3672fdc0 Update win_system_exe_anomaly.yml
Following Sigma event I've noticed my Twitter account was referenced:
https://twitter.com/GelosSnake/status/934900723426439170

Rule:
https://github.com/Neo23x0/sigma/blob/master/rules/windows/process_creation/win_system_exe_anomaly.yml

Seems like - '\SystemRoot\System32\\*' is missing and hence triggering an FP.
2020-01-24 15:31:06 +01:00
application Added UUIDs to rules 2019-11-12 23:12:27 +01:00
apt fix: fixed missing condition 2019-12-20 15:18:05 +01:00
compliance Added UUIDs to rules 2019-11-12 23:12:27 +01:00
linux Added UUIDs to rules 2019-11-12 23:12:27 +01:00
network Added UUIDs to rules 2019-11-12 23:12:27 +01:00
proxy Merge pull request #561 from Neo23x0/devel 2019-12-12 13:34:58 +01:00
web rule: PulseSecure CVE-2019-11510 attack 2019-11-18 15:33:58 +01:00
windows Update win_system_exe_anomaly.yml 2020-01-24 15:31:06 +01:00