valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-08 10:13:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
df35d70ab1
SigmaHQ/rules/windows
History
Nate Guagenti 2163208e9c
update correct process name 
incorrect process name. accidentally had fsutil, should be bcdedit.

thanks to https://twitter.com/INIT_3 for pointing this out
2019-06-01 09:50:50 -04:00
..
builtin win_disable_event_logging.yml: typo in audit policy name; 2019-05-29 15:43:44 +03:00
malware Update win_mal_ursnif.yml 2019-04-14 11:51:13 -05:00
other Converted to use the new process_creation data source 2019-03-09 20:57:59 +03:00
powershell Added missing tags and some minor improvements 2019-03-05 23:25:49 +01:00
process_creation update correct process name 2019-06-01 09:50:50 -04:00
sysmon Rule: applying recommendation 2019-05-23 09:44:25 +02:00