
Rule Info
Name
Lace Tempest Cobalt Strike Download
Author
Nasreddine Bencherchali (Nextron Systems)
Description
Detects specific command line execution used by Lace Tempest to download Cobalt Strike as reported by SysAid Team
Reference
Date
2023-11-09 00:00:00
Modified
None
Id
aa5b0a40-ed88-46aa-9fdc-0337b379ca9d
Tags
attack.execution detection.emerging_threats DEMO
Type
Community Rule
Link to Public Repo
Rule History
Author
Title
Date
Commit
Nasreddine Bencherchali
Merge PR #4555 from @nasbench - New ET Rules Related To Lace Tempest / SysAid CVE-2023-47246 Exploitation
2023-11-10