Sigma Rule Update (2025-01-15 20:14:35) (#807)
Co-authored-by: hach1yon <[email protected]>
github-actions[bot] and hach1yon authored Jan 15, 2025
1 parent e538005 commit 4b58d76
Showing 1 changed file with 2 additions and 1 deletion.
Expand Up @@ -10,7 +10,7 @@ references:
- https://www.crowdstrike.com/blog/falcon-complete-zero-day-exploit-cve-2023-36874/
author: Nasreddine Bencherchali (Nextron Systems)
date: 2023-08-23
modified: 2023-10-08
modified: 2025-01-13
tags:
- attack.execution
- cve.2023-36874
Expand All @@ -34,6 +34,7 @@ detection:
- :\Windows\SysWOW64\
- :\Windows\WinSxS\
- :\WUDownloadCache\ # Windows Update Download Cache
- :\Windows\SoftwareDistribution\Download\
condition: file_event and (selection and not 1 of filter_main_*)
falsepositives:
- Unknown
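Review bot: The new exclusion `:\Windows\SoftwareDistribution\Download\` at the end of the filter list has no inline comment, unlike the `:\WUDownloadCache\` entry directly above it, and `falsepositives` still reads `Unknown` although this change exists to suppress a benign source. Suggest adding a short comment naming it as the Windows Update download directory and recording the observed benign activity under `falsepositives`, so the reason for the exclusion survives future edits. The field and match modifier for this list are outside the visible context, and every entry here starts with `:\` rather than a drive letter; if the list is matched as a substring, each added path widens what the rule ignores on any volume, so it is worth confirming in review that the exclusion is as narrow as the false positive requires.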