sigma-rules

Author SHA1 Message Date

Author	SHA1	Message	Date
Ruben Groenewoud	9ea63f9381	[Security Content] Add Investigation Guides to Linux Persistence Rules - 2 (#3350 ) * [Security Content] Add IGs to Persistence - 2 * [Security Content] Add IGs to Persistence - 2 * fixes * fix * added ig note (cherry picked from commit `26747aa8a4`)	2024-01-20 18:41:15 +00:00
Ruben Groenewoud	7c5664d34d	[New Rule] Suspicious File Creation via Kworker (#3237 ) * [New Rule] Suspicious File Creation via Kworker * Update rules/linux/persistence_kworker_file_creation.toml Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com> --------- Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com> Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com> (cherry picked from commit `840958d117`)	2023-12-07 22:06:24 +00:00

Ruben Groenewoud

9ea63f9381

[Security Content] Add Investigation Guides to Linux Persistence Rules - 2 (#3350 )

* [Security Content] Add IGs to Persistence - 2

* [Security Content] Add IGs to Persistence - 2

* fixes

* fix

* added ig note

(cherry picked from commit 26747aa8a4)

2024-01-20 18:41:15 +00:00

Ruben Groenewoud

7c5664d34d

[New Rule] Suspicious File Creation via Kworker (#3237 )

* [New Rule] Suspicious File Creation via Kworker

* Update rules/linux/persistence_kworker_file_creation.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

---------

Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

(cherry picked from commit 840958d117)

2023-12-07 22:06:24 +00:00

2 Commits