Tag: Arunkumar Krishna

CVE-2020-1350 (SIGRed) Exploitation Detection with Threat Hunting Rules

Today we introduce a special digest of content that helps to detect exploitation of a critical vulnerability in Windows DNS Servers. The vulnerability became known only two days ago, but since then, both the SOC Prime team (represented by Nate Guagenty) and the Threat Bounty Program participants have published 10+ rules for detecting various ways […]

Rule Digest: RCE, CVE, OilRig and more

This digest includes rules from both members of the Threat Bounty Program and the SOC Prime Team. Let’s start with rules by Arunkumar Krishna, which will debut in our Rule Digest with CVE-2020-0932: A Remote Code Execution Bug in Microsoft SharePoint. CVE-2020-0932 was patched in April; it allows authenticated users to execute arbitrary code on […]
