SecureDetection is SecureBug’s open culture community that allows you to evaluate your offensive and defensive skills in addition to letting you exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.

F5 BIG-IP critical vulnerability

Detect F5 BIG-IP Critical Vulnerability Exploitation Attempt with Free Sigma Detection Rule

To apply this detection rule, convert it to your SIEM's query language. Updating BIG-IP to the latest version is also recommended. More information is available here. You can also detect CMSTP.exe run with INF files infected with malicious commands using our previous free Splunk detection rule. Secure Your Organization’s Mind with

block indicators

Detect Indicator Blocking with These Free Splunk Detection Rules

An adversary may attempt to block indicators or events typically captured by sensors from being gathered and analyzed. This could include maliciously redirecting or even disabling host-based sensors, such as Event Tracing for Windows (ETW), by tampering with settings that control the collection and flow of event telemetry. These settings may be stored on the system in configuration files…