Rule Info
Name
Suspicious Powercfg Execution To Change Lock Screen Timeout
Author
frack113
Description
Detects suspicious execution of 'Powercfg.exe' to change lock screen timeout
Date
2022-11-18 00:00:00
Modified
None
Id
f8d6a15e-4bc8-4c27-8e5d-2b10f0b73e5b
Tags
attack.defense_evasion DEMO
Type
Community Rule
Link to Public Repo
Rule History
Author
Title
Date
Commit
Nasreddine Bencherchali
Merge PR #4482 From @nasbench - Add New Automation Workflows
2023-10-18