Haag's Guided Adventures #3059

Merged
merged 14 commits into from
Jul 26, 2024

MHaggis
Contributor

@MHaggis MHaggis commented Jul 25, 2024

New Analytic Story

  • Ivanti EPM Vulnerabilities

New Analytics

  • Ivanti EPM SQL Injection Remote Code Execution

Updated Analytics

  • Detect Remote Access Software Usage DNS
  • Possible Lateral Movement PowerShell Spawn
  • Linux Obfuscated Files or Information Base64 Decode
  • Linux Decode Base64 to Shell
  • Windows Protocol Tunneling with Plink
  • Malicious PowerShell Process - Encoded Command

@patel-bhavin patel-bhavin added this to the v4.37.0 milestone Jul 26, 2024
@patel-bhavin patel-bhavin merged commit 6823575 into develop Jul 26, 2024
7 checks passed
@patel-bhavin patel-bhavin deleted the updates branch July 26, 2024 17:55
2 participants