| Author | Commit | Message | Date |
|---|---|---|---|
| Justin C | 8917dd40a8 | Create Gootkit File Delivery.md | 2021-06-03 13:32:48 -07:00 |
| Justin C | 2d1370a375 | Rename Suspicious Bitlocker Encryption to Suspicious Bitlocker Encryption.md | 2021-06-03 13:31:20 -07:00 |
| Justin C | 17e21b07e5 | Create DarkSide.md | 2021-06-03 13:31:03 -07:00 |
| Justin C | 305561d147 | Create Suspicious Bitlocker Encryption | 2021-06-03 13:29:46 -07:00 |
| Justin C | f38a2f92df | Create Distribution from remote location.md | 2021-06-03 13:27:59 -07:00 |
| Justin C | aa3549ed98 | Create File Backup Deletion Alerts.md | 2021-06-03 13:25:34 -07:00 |
| Justin C | 00d9b09ef9 | Update Potential ransomware activity related to Cobalt Strike.md | 2021-06-03 13:24:07 -07:00 |
| Justin C | c5acaaf4d1 | Update Potential ransomware activity related to Cobalt Strike.md | 2021-06-03 13:23:29 -07:00 |
| Justin C | 5f2cd4c1b4 | Rename Potential ransomware activity tied to Cobalt Strike to Potential ransomware activity related to Cobalt Strike.md | 2021-06-03 13:22:46 -07:00 |
| Justin C | 341308f6e3 | Create Potential ransomware activity tied to Cobalt Strike | 2021-06-03 13:15:34 -07:00 |
| Dulce Montemayor | f6014571a5 | Merge pull request #353 from martyav/dell-driver-eop-query: Dell driver eop query | 2021-05-25 12:23:21 -07:00 |
| Marty Hernandez Avedon | a16bd2d4c3 | title added | 2021-05-25 14:53:52 -04:00 |
| Marty Hernandez Avedon | aee2ff08e3 | added dell driver vulnerability | 2021-05-25 14:48:22 -04:00 |
| tali-ash | db669c96f7 | Merge pull request #351 from microsoft/mjmelone-patch-66: Added SHA256 only version | 2021-05-20 10:27:30 +03:00 |
| Michael Melone | beb39525b2 | Added SHA256 only version | 2021-05-19 13:47:03 -04:00 |
| tali-ash | b449e42683 | Merge pull request #344 from microsoft/mjmelone-patch-64: Create Abuse.ch Recent Threat Feed.md | 2021-05-19 09:29:26 +03:00 |
| Michael Melone | 21e48011d8 | Updated to implement Timestamp limitation | 2021-05-18 17:00:51 -04:00 |
| Justin C | 6895e8ef28 | Merge pull request #349 from dreadphones/patch-9: Create StrRAT-Malware-Persistence.md | 2021-05-18 12:32:29 -07:00 |
| dreadphones | d926e042a6 | Create StrRAT-Malware-Persistence.md | 2021-05-18 12:31:52 -07:00 |
| Justin C | c2e3df8124 | Merge pull request #348 from dreadphones/patch-8: Rename StrRAT-Email-Delivery to StrRAT-Email-Delivery.md | 2021-05-18 12:29:08 -07:00 |
| dreadphones | c01ef6996c | Rename StrRAT-Email-Delivery to StrRAT-Email-Delivery.md | 2021-05-18 12:28:35 -07:00 |
| Justin C | 2f3576d7d8 | Merge pull request #347 from dreadphones/patch-7: Create StrRAT-Email-Delivery | 2021-05-18 12:28:15 -07:00 |
| dreadphones | 13e38db568 | Create StrRAT-Email-Delivery | 2021-05-18 12:27:05 -07:00 |
| Justin C | 730c2b9942 | Merge pull request #346 from dreadphones/patch-6: Create StrRAT-AV-Discovery.md | 2021-05-18 12:24:37 -07:00 |
| dreadphones | dc6037ccc9 | Create StrRAT-AV-Discovery.md | 2021-05-18 12:23:01 -07:00 |
| tali-ash | d415d1d434 | Merge pull request #342 from microsoft/mjmelone-patch-63: Create Detect Azure RemoteIP.md | 2021-05-18 13:31:51 +03:00 |
| Justin C | 15ddacce13 | Merge pull request #345 from dreadphones/patch-5: Update PhishingEmailUrlRedirector.md | 2021-05-14 14:27:57 -07:00 |
| dreadphones | cf7ab69d2f | Update PhishingEmailUrlRedirector.md | 2021-05-14 14:26:00 -07:00 |
| Michael Melone | 6b6ab11522 | Create Abuse.ch Recent Threat Feed.md | 2021-05-13 12:54:02 -04:00 |
| Dulce Montemayor | 7e1a66cd1d | Merge pull request #343 from martyav/may-2021-RAT: May 2021 rat | 2021-05-13 09:48:56 -07:00 |
| Marty Hernandez Avedon | ef66396943 | updated again after review | 2021-05-13 12:45:55 -04:00 |
| Marty Hernandez Avedon | 31b6e6f7a4 | updated query for snip3 encoded ps page | 2021-05-13 08:27:39 -04:00 |
| Michael Melone | ab00f9bf57 | Create Detect Azure RemoteIP.md | 2021-05-12 18:46:40 -04:00 |
| Dulce Montemayor | f4e45a7cf9 | Merge pull request #341 from martyav/may-2021-RAT: Snip3: rename with campaign name forward | 2021-05-12 08:01:51 -07:00 |
| Marty Hernandez Avedon | 2888a08237 | rename with campaign name forward | 2021-05-12 10:41:21 -04:00 |
| Dulce Montemayor | 38079dcb6a | Merge pull request #340 from martyav/may-2021-RAT: queries related to snip3 RATs | 2021-05-11 13:24:06 -07:00 |
| Marty Hernandez Avedon | 4b2903b899 | added quasarRAT to description | 2021-05-11 16:18:41 -04:00 |
| Marty Hernandez Avedon | 2b64c2116d | updated note on prevalence of sandboxie method | 2021-05-11 15:30:05 -04:00 |
| Marty Hernandez Avedon | 0661b14bd9 | query related to snip3 email keywords | 2021-05-11 14:53:12 -04:00 |
| Marty Hernandez Avedon | 455b9a28ce | queries related to snip3 RATs | 2021-05-11 14:41:13 -04:00 |
| tali-ash | 6dce3a1613 | Rename MCAS - The Hunt.csl to MCAS - The Hunt.txt | 2021-05-10 17:51:26 +03:00 |
| tali-ash | 95db05467a | Merge pull request #339 from microsoft/mjmelone-patch-62: Create Hunting in MCAS.csl | 2021-05-10 17:50:34 +03:00 |
| tali-ash | d5a9d097c5 | Rename Hunting in MCAS.csl to MCAS - The Hunt.csl | 2021-05-10 17:49:18 +03:00 |
| Michael Melone | b05a75fa51 | Create Hunting in MCAS.csl | 2021-05-10 10:43:43 -04:00 |
| tali-ash | 7ef38096c8 | Add files via upload | 2021-04-26 18:57:58 +03:00 |
| Justin C | 2fde1b4824 | Merge pull request #337 from dreadphones/patch-4: Update PhishingEmailUrlRedirector.md | 2021-04-20 13:08:16 -07:00 |
| dreadphones | 90bce91edd | Update PhishingEmailUrlRedirector.md: Addressing Dulce's suggested change | 2021-04-20 10:59:39 -07:00 |
| dreadphones | 7582c1a6e6 | Update PhishingEmailUrlRedirector.md | 2021-04-19 16:46:23 -07:00 |
| tali-ash | 300d8f19ff | Merge pull request #336 from microsoft/mjmelone-patch-61: Create Detect PowerShell v2 Downgrade.md | 2021-04-18 10:57:19 +03:00 |
| Michael Melone | d87dc7bd06 | Create Detect PowerShell v2 Downgrade.md | 2021-04-16 12:01:53 -04:00 |