security-tools/blue-team-tools
b0f07faa85ab9d00e7930403b1e848b46e6af1df
blue-team-tools/rules/windows
phantinuss b0f07faa85 fix: FP with poqexec.exe
2022-08-10 17:28:03 +02:00
..
builtin
Fix issue 3339
2022-08-10 07:44:56 +02:00
create_remote_thread
Merge branch 'aurora-false-positive-fixing' of https://github.com/SigmaHQ/sigma into aurora-false-positive-fixing
2022-07-31 13:23:11 +02:00
create_stream_hash
Update Ref+Selection
2022-07-11 14:11:53 +01:00
dns_query
Update dns_query_win_anonymfiles_com.yml
2022-07-15 16:20:10 +02:00
driver_load
Update driver_load_susp_temp_use.yml
2022-07-28 12:40:30 +01:00
file_access
System FP
2022-07-27 10:52:08 +02:00
file_delete
Update Ref+Selection
2022-07-11 14:11:53 +01:00
file_event
Fix after review
2022-08-05 18:40:12 +01:00
file_rename
fix: typo
2022-07-18 13:27:38 +02:00
image_load
fix: FP with wrongly matching folders
2022-08-10 11:23:42 +02:00
network_connection
fix: FP found in testing
2022-08-09 10:56:00 +02:00
pipe_created
Update pipe_created_psexec_default_pipe_from_susp_location.yml
2022-08-04 19:18:42 +01:00
powershell
Update posh_ps_tamper_defender_remove_mppreference.yml
2022-08-05 18:45:44 +01:00
process_access
fix: do not use wildcard, where not needed
2022-08-09 10:55:05 +02:00
process_creation
fix: FP with Avast
2022-08-10 17:28:02 +02:00
raw_access_thread
…
registry
fix: FP with poqexec.exe
2022-08-10 17:28:03 +02:00
sysmon
Filter start
2022-08-02 10:42:03 +02:00
wmi_event
Reference Update [Batch 1]
2022-07-07 15:24:15 +01:00