Potential Iisreset Abuse

Rule Info

Name
Potential Iisreset Abuse
Author
X__Junior (Nextron Systems)
Description
Detects iisreset usage to stop the IIS services to prevent users to access the webserver
Date
2024-09-10 00:00:00
Modified
None
Id
0f7d7880-307a-4765-81ed-a37c9d4c97a6
Tags
attack.credential-access attack.t1003.001
Type
Nextron Sigma feed only (private)

Rule History