https://detection.fyi/sigmahq/sigma/emerging-threats/2020/ta/lazarus/proc_creation_win_apt_lazarus_group_activity/
Lazarus Group Activity | Detection.FYI
Detects different process execution behaviors as described in various threat reports on Lazarus group activity
https://detection.fyi/sigmahq/sigma/emerging-threats/2017/malware/plugx/proc_creation_win_malware_plugx_susp_exe_locations/
Potential PlugX Activity | Detection.FYI
Detects the execution of an executable that is typically used by PlugX for DLL side loading starting from an uncommon location
https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_passed_role_to_glue_development_endpoint/
AWS Glue Development Endpoint Activity | Detection.FYI
Detects possible suspicious glue development endpoint activity.
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_rasdial_execution/
Suspicious RASdial Activity | Detection.FYI
Detects suspicious process related to rasdial.exe
https://detection.fyi/sigmahq/sigma/emerging-threats/2021/malware/conti/proc_creation_win_malware_conti_ransomware_commands/
Potential Conti Ransomware Activity | Detection.FYI
Detects a specific command used by the Conti ransomware group
https://stackoverflow.com/questions/79902282/recommended-client-side-vad-voice-activity-detection-for-long-duration-lecture
javascript - Recommended client-side VAD (Voice Activity Detection) for long-duration lecture...
We are developing a real-time AI-powered note-taking application (Web-based) designed for university students to record and summarize 50-minute lectures. The...
https://help.coderbyte.com/knowledge/suspicious-candidate-activity
Suspicious activity detection
Coderbyte is committed to ensuring that cheating is both prevented and detected in order for organizations to make data-driven and unbiased hiring decisions....
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_crypto_mining_monero/
Potential Crypto Mining Activity | Detection.FYI
Detects command line parameters or strings often used by crypto miners
https://detection.fyi/sigmahq/sigma/emerging-threats/2018/ta/apt32-oceanlotus/registry_event_apt_oceanlotus_registry/
OceanLotus Registry Activity | Detection.FYI
Detects registry keys created in OceanLotus (also known as APT32) attacks
https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_ec2_import_key_pair_activity/
AWS Key Pair Import Activity | Detection.FYI
Detects the import of SSH key pairs into AWS EC2, which may indicate an attacker attempting to gain unauthorized access to instances. This activity could lead …
https://www.mailjet.com/releases/bot-activity-detection/
Bot Activity Detection | Mailjet
May 23, 2025 - Introducing Mailjet's Bot Activity Detection. Get an accurate view of your email engagement by filtering out non-human activity.
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_eventlog_content_recon/
Potentially Suspicious EventLog Recon Activity Using Log Query Utilities | Detection.FYI
Detects execution of different log query utilities and commands to search and dump the content of specific event logs or look for specific event IDs. This …
https://www.cyware.com/use-cases/detect-analyze-and-act-on-edr-identified-malicious-processes
Automated Detection and Response to Malicious Endpoint Activity | Cyware
Transform EDR alerts into automated, actionable incidents with Cyware. Enrich malicious hashes, correlate endpoint context, and orchestrate rapid quarantine...
https://www.rapid7.com/blog/post/tr-detection-coverage-iran-linked-cyber-activity/
Rapid7 Detection Coverage for Iran-Linked Cyber Activity
https://www.vectra.ai/detections/o365-suspicious-download-activity
Vectra AI Detection: M365 Suspicious Download Activity
Learn what the M365 Suspicious Download Activity detection is and how to use it to protect your organization from breaches.
https://detection.fyi/sigmahq/sigma/emerging-threats/2023/ta/equationgroup/proxy_apt_equation_group_triangulation_c2_coms/
Potential Operation Triangulation C2 Beaconing Activity - Proxy | Detection.FYI
Detects potential beaconing activity to domains used in 0day attacks on iOS devices and revealed by Kaspersky and the FSB
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_gather_network_info_execution/
Suspicious Reconnaissance Activity Via GatherNetworkInfo.VBS | Detection.FYI
Detects execution of the built-in script located in
https://detection.fyi/loginsoft-research/detection-rules/threat-detection/cve-2022-26134/cve-2022-26134_confluence_exploit_activity_webserver/
Confluence Exploit Activity on Webserver Logs | Detection.FYI
Detection for Confluence server activity found on webserver logs
https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_rclone/
Rclone Activity via Proxy | Detection.FYI
Detects the use of rclone, a command-line program to manage files on cloud storage, via its default user-agent string
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_sliver_c2_execution_pattern/
HackTool - Sliver C2 Implant Activity Pattern | Detection.FYI
Detects process activity patterns as seen being used by Sliver C2 framework implants
https://detection.fyi/sigmahq/sigma/emerging-threats/2023/exploits/cve-2023-46747/web_cve_2023_46747_f5_remote_code_execution/
CVE-2023-46747 Exploitation Activity - Webserver | Detection.FYI
Detects exploitation activity of CVE-2023-46747, an unauthenticated remote code execution vulnerability in F5 BIG-IP.
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_secedit_execution/
Potential Suspicious Activity Using SeCEdit | Detection.FYI
Detects potential suspicious behaviour using secedit.exe, such as exporting or modifying the security policy
https://www.semanticscholar.org/search?q=Detection+of+Unknown+Computer+Worms+Activity+Based+on+Computer+Behavior+using+Data+Mining.
Detection of Unknown Computer Worms Activity Based on Computer Behavior using Data Mining. |...
An academic search engine that utilizes artificial intelligence methods to provide highly relevant results and novel tools to filter them with ease.
https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_dpapi_backup_and_cert_export_ioc/
DPAPI Backup Keys And Certificate Export Activity IOC | Detection.FYI
Detects file names with specific patterns seen generated and used by tools such as Mimikatz and DSInternals related to exported or stolen DPAPI backup keys and...
https://detection.fyi/sigmahq/sigma/windows/builtin/security/win_security_susp_lsass_dump/
Password Dumper Activity on LSASS | Detection.FYI
Detects process handle on LSASS process with certain access mask and object type SAM_DOMAIN
https://www.interguardsoftware.com/insider-threat-detection/
Insider Threat Detection - Monitor Employee Computer Activity - InterGuard
https://detection.fyi/sigmahq/sigma/windows/image_load/image_load_scrcons_wmi_scripteventconsumer/
WMI ActiveScriptEventConsumers Activity Via Scrcons.EXE DLL Load | Detection.FYI
Detects signs of the WMI script host process
https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve-2025-59287/win_wsus_exploit_cve_2025_59287/
Exploitation Activity of CVE-2025-59287 - WSUS Deserialization | Detection.FYI
Detects cast exceptions in Windows Server Update Services (WSUS) application logs that highly indicate exploitation attempts of CVE-2025-59287, a …