 Jonhnathan
|
9101dfc064
|
[Security Content] Small tweaks on the setup guides (#3308)
* [Security Content] Small tweaks on the setup guides
* Additional Fixes
* Avoid touching deprecated rules
(cherry picked from commit 458e67918a)
|
2024-03-11 12:15:22 +00:00 |
|
|
Ruben Groenewoud
|
68cfb3dfde
|
[Tuning] Linux DR Tuning - Part 10 (#3462)
* [Tuning] Linux DR Tuning - Part 10
* updated_date bump
* Update persistence_kworker_file_creation.toml
* Update persistence_linux_backdoor_user_creation.toml
---------
Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>
(cherry picked from commit a76a3755d9)
|
2024-03-07 10:50:21 +00:00 |
|
|
Ruben Groenewoud
|
0a6ad4adc3
|
[Security Content] Add Investigation Guides to Linux Persistence Rules - 2 (#3350)
* [Security Content] Add IGs to Persistence - 2
* [Security Content] Add IGs to Persistence - 2
* fixes
* fix
* added ig note
(cherry picked from commit 26747aa8a4)
|
2024-01-20 18:41:48 +00:00 |
|
|
Ruben Groenewoud
|
ab0c5154a2
|
[New Rule] Suspicious File Creation via Kworker (#3237)
* [New Rule] Suspicious File Creation via Kworker
* Update rules/linux/persistence_kworker_file_creation.toml
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
---------
Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
(cherry picked from commit 840958d117)
|
2023-12-07 22:06:53 +00:00 |
|