Ruben Groenewoud | 9017653e37 | 2024-01-08 08:55:30 +00:00
[Rule Tuning] Linux DR Tuning - Part 1 (#3316)
* [Rule Tuning] Linux DR Tuning - Part 1
* fix
* Update command_and_control_linux_kworker_netcon.toml
* Update defense_evasion_binary_copied_to_suspicious_directory.toml
* Update defense_evasion_file_mod_writable_dir.toml
(cherry picked from commit b533642272)

shashank-elastic | 8fee26a296 | 2023-11-03 13:42:18 +00:00
Enhance Setup Guide information (#3256)
(cherry picked from commit d52546eee5)

shashank-elastic | c13ba83a91 | 2023-10-30 15:35:24 +00:00
Setup information for Linux Rules - Set8 (#3200)
(cherry picked from commit 5c5d1b214b)

Ruben Groenewoud | aed94d0655 | 2023-10-25 13:31:31 +00:00
[New Rule] Network Activity Detected via kworker (#3202)
* [New Rule] Potential curl CVE-2023-38545 Exploitation
* Revert "[New Rule] Potential curl CVE-2023-38545 Exploitation"
This reverts commit 9c04d1b53d3d63678289f43ec0c7b617d26f1ce0.
* [New Rule] Network Activity Detected via kworker
* White space
* Update rules/linux/command_and_control_linux_kworker_netcon.toml
* Update rules/linux/command_and_control_linux_kworker_netcon.toml
* Update rules/linux/command_and_control_linux_kworker_netcon.toml
* Update command_and_control_linux_kworker_netcon.toml
* Update rules/linux/command_and_control_linux_kworker_netcon.toml
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
* Update rules/linux/command_and_control_linux_kworker_netcon.toml
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
* Update command_and_control_linux_kworker_netcon.toml
---------
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
(cherry picked from commit 1ac3775743)