Terrance DeJesus
62eea772d0
* new rule 'AWS S3 Bucket Object Retrieval, Deletion, and Potential Ransom Note Replacement' * fixed technique mapping * added investigation guide; added more ransom note extensions * adjusted lookback and maxspan * added API call to second sequence * updating date * Update rules/integrations/aws/impact_s3_bucket_object_deletion_and_ransomware_note_added.toml Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com> * Update rules/integrations/aws/impact_s3_bucket_object_deletion_and_ransomware_note_added.toml Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com> * changed rule to ESQL; updated investigation guide * changed file name * removed txt, ecc, and note --------- Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com>