Rule Info
Name
Potential Exploitation Attempt Of Undocumented WindowsServer RCE
Author
Florian Roth (Nextron Systems), Nasreddine Bencherchali
Description
Detects potential exploitation attempt of undocumented Windows Server Pre Auth Remote Code Execution (RCE)
Date
2023-01-21 00:00:00
Modified
None
Id
6d5b8176-d87d-4402-8af4-53aee9db7b5d
Tags
detection.emerging_threats attack.initial_access attack.t1190 DEMO
Type
Community Rule
Link to Public Repo
Rule History
Author
Title
Date
Commit
github-actions[bot]
Merge PR #4611 from @nasbench - Promote Older Rules Status From `experimental` To `test`
2023-12-01