New Deployed Rules
Process Creation Suspicious Ping-Copy Command Combination LSASS Process Reconnaissance Via Findstr.EXE Firewall Rule Update Via Netsh.EXE Scheduled Task Executing Payload from Registry Potentially Suspicious Call To Win32_NTEventlogFile Class Suspicious Process Execution From Fake Recycle.Bin Folder Rebuild Performance Counter Values Via Lodctr.EXE Potential ShellDispatch.DLL Functionality Abuse New Virtual Smart Card Created Via TpmVscMgr.EXE Potential ReflectDebugger Content […]
