Nasreddine Bencherchali
598d29f811
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
...
chore: change tags, date, modified fields to comply with v2 of the Sigma spec.
chore: update the related type from `obsoletes` to `obsolete`.
chore: update local json schema to the latest version.
2024-08-12 12:02:50 +02:00
Ryan Plas
1d40f1d20b
Merge PR #4893 from @ryanplasma - Update Microsoft references URLS
...
chore: update Microsoft references link to use the "learn" subdomain instead of "docs".
---------
Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
Thanks: @ryanplasma
2024-07-02 12:00:11 +02:00
Nasreddine Bencherchali
52e39113b9
Merge PR #4503 from @nasbench - Multiple Updates & Fixes
...
fix: Suspicious Sysmon as Execution Parent - Typo and restructure
update: Antivirus PrinterNightmare CVE-2021-34527 Exploit Detection
update: Antivirus Relevant File Paths Alerts
update: Dump Ntds.dit To Suspicious Location
update: MSI Installation From Suspicious Locations
update: PowerShell Profile Modification - Reduce rule level to medium
update: Obfuscated IP Download Activity
---------
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
2023-10-28 12:55:32 +02:00
frack113
020fc8061f
Merge PR #4479 From @frack113 - Upgrade Rules Status
...
chore: Upgrade status level from `experimental` to `test` for rules that have not changed in 300 days
---------
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
2023-10-17 14:35:26 +02:00
jkb
9d8e81241c
Merge PR #4471 From @jkb-s - Update ATT&CK Tags
...
update: Ntdsutil Abuse - Update ATT&CK tags
2023-10-08 23:04:09 +02:00
Nasreddine Bencherchali
6949ebf244
chore: rename folders
2023-04-14 16:55:41 +02:00