 Florian Roth
|
73706c96ab
|
fix: missing modified date mod
|
2022-05-16 17:24:26 +02:00 |
|
|
Florian Roth
|
9138730dd6
|
keylogger keyword extended
|
2022-05-16 16:03:52 +02:00 |
|
|
Florian Roth
|
2cd5a93fb6
|
refactor: update antivirus rules
|
2022-05-12 17:19:46 +02:00 |
|
|
Paul Hager
|
1fb583b225
|
fix: FP fix
|
2022-03-11 11:46:25 +01:00 |
|
|
phantinuss
|
952fb07d59
|
fix: remove Aurora filter out, no longer needed
|
2022-03-02 11:14:01 +01:00 |
|
|
Florian Roth
|
36b0a13e0f
|
fix: better way to filter these events
|
2022-02-11 12:00:08 +01:00 |
|
|
Florian Roth
|
55a2fdd1c3
|
fix: FP noticed with Aurora
|
2022-02-11 11:58:30 +01:00 |
|
|
Florian Roth
|
44221ed95e
|
fix: Aurora Sigma rule matches in application log
|
2022-02-05 21:38:10 +01:00 |
|
|
Arnim Rupp
|
aab00905f1
|
Update win_av_relevant_match.yml
Add Ransomware and Cobalt Strike strings.
|
2022-02-03 21:43:42 +01:00 |
|
|
frack113
|
5b30db61b0
|
Add windows redcannary rules
|
2022-01-28 16:12:38 +01:00 |
|
|
frack113
|
4631d0c482
|
remove invalid tag
|
2022-01-19 18:23:30 +01:00 |
|
|
frack113
|
73f258e2d1
|
Change double quote to quote
|
2022-01-06 14:02:35 +01:00 |
|
|
frack113
|
e215f4606b
|
Order rules
|
2021-12-04 10:07:07 +01:00 |
|