Sponsor of the Day:
Jerkmate
https://waymo.com/research/improving-the-intra-class-long-tail-in-3d-detection-via-rare-example-mining/
Improving the Intra-class Long-tail in 3D Detection via Rare Example Mining
Continued improvements in deep learning architectures have steadily advanced the overall performance of 3D object detectors to levels on par with humans for...
class long3d detectionimprovingintratail
https://www.forschungsfabrik-mikroelektronik.de/en/Range_Of_Services/Additional-Services/fmd-space/oqmented.html
OQmented – Vehicle environment detection via LiDAR
environment detectionvehiclevialidar
https://newsroom-deezer.com/2025/06/acl-mfrohmann-html/
Double Entendre: Robust Audio-Based AI-Generated Lyrics Detection via Multi-View Fusion - Deezer...
The rapid advancement of AI-based music generation tools is revolutionizing the music industry but also posing challenges to artists, copyright holders, and...
based aidetection viamulti viewdoubleentendre
https://www.semanticscholar.org/search?q=Community+Detection+via+Random+and+Adaptive+Sampling.
Community Detection via Random and Adaptive Sampling. | Semantic Scholar
An academic search engine that utilizes artificial intelligence methods to provide highly relevant results and novel tools to filter them with ease.
community detectionsemantic scholarviarandomadaptive
https://smartdata.polito.it/towards-reference-free-web-phishing-detection-via-graph-neural-networks/
Towards Reference-free Web Phishing Detection via Graph Neural Networks | SmartData@PoliTO
Presenter: Tailai Song Friday, October 3rd, 2025, 10:00 AM Location: Sala Piccola Covivio, Corso Ferrucci 112 ABSTRACT To combat phishing attacks…
graph neural networksreference freephishing detectionsmartdata politotowards
https://github.com/curl/curl/pull/18669
autotools: add support for libgsasl auto-detection via pkg-config by vszakats · Pull Request #18669...
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP,...
via pkg configadd supportauto detectionpull requestautotools
https://arxiv.org/abs/0904.3860
[0904.3860] Multipartite entanglement detection via structure factors
Abstract page for arXiv paper 0904.3860: Multipartite entanglement detection via structure factors
detection via09043860entanglementstructure
https://waymo.com/research/spg-unsupervised-domain-adaptation-for-3d-object-detection-via-semantic-point-generation/
SPG: Unsupervised Domain Adaptation for 3D Object Detection via Semantic Point Generation
In autonomous driving, a LiDAR-based object detector should perform reliably at different geographic locations and under various weather conditions. While...
3d object detectiondomain adaptationspgunsupervisedvia
https://nmap.org/nmap-fingerprinting-article-pl.html
Remote OS Detection via TCP/IP Fingerprinting - Polskie
How to glean precious information about a host by querying its TCP/IP stack. Classical methods of OS Detection, stack fingerprinting tools, Fyodor's (nmap)...
remote os detectionvia tcp ipfingerprintingpolskie
https://ieeexplore.ieee.org/document/9536958/
Hotspot Detection via Attention-Based Deep Layout Metric Learning | IEEE Journals & Magazine | IEEE...
With the aggressive and amazing scaling of the feature size of semiconductors, hotspot detection has become a crucial and challenging problem in the generation
ieee journals magazinedetection viaattention basedhotspotdeep
https://nmap.org/nmap-fingerprinting-article-mx.html
Remote OS Detection via TCP/IP Fingerprinting - Español
remote os detectionvia tcp ipfingerprinting
https://www.jci.org/articles/view/198861
JCI - Detection of clonal hematopoiesis of indeterminate potential via genome or exome sequencing...
clonal hematopoiesisexome sequencingjcidetectionindeterminate
https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_add_load_service_in_safe_mode/
Registry Persistence via Service in Safe Mode | Detection.FYI
Detects the modification of the registry to allow a driver or service to persist in Safe Mode.
persistence viasafe modedetection fyiregistryservice
https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_esxcli_permission_change_admin/
ESXi Admin Permission Assigned To Account Via ESXCLI | Detection.FYI
Detects execution of the
admin permissionaccount viadetection fyiesxiassigned
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_msra_process_injection/
Potential Process Injection Via Msra.EXE | Detection.FYI
Detects potential process injection via Microsoft Remote Asssistance (Msra.exe) by looking at suspicious child processes spawned from the aforementioned …
exe detection fyiprocess injectionpotentialvia
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_dnscmd_install_new_server_level_plugin_dll/
New DNS ServerLevelPluginDll Installed Via Dnscmd.EXE | Detection.FYI
Detects the installation of a DNS plugin DLL via ServerLevelPluginDll parameter in registry, which can be used to execute code in context of the DNS server …
exe detection fyinew dnsinstalledvia
https://www.first.org/global/sigs/dns/stakeholder-advice/detection/infiltration-and-exfiltration-via-the-dns
DNS Abuse Detection: Infiltration and exfiltration via the DNS
dns abuse detectionexfiltration viainfiltration
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_odbcconf_register_dll_regsvr/
New DLL Registered Via Odbcconf.EXE | Detection.FYI
Detects execution of
exe detection fyinewdllregisteredvia
https://replicate.com/collections/detect-nsfw-content
Run NSFW detection models via API - Replicate
Detect NSFW images, unsafe text, and policy-breaking content using fast filters and advanced guardrail models. Build safer apps with reliable automated...
via api replicatensfw detectionrunmodels
https://detection.fyi/sigmahq/sigma/linux/process_creation/proc_creation_lnx_mkfifo_named_pipe_creation_susp_location/
Potentially Suspicious Named Pipe Created Via Mkfifo | Detection.FYI
Detects the creation of a new named pipe using the
potentially suspiciousnamed pipecreated viadetection fyimkfifo
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_bcp_export_data/
Data Export From MSSQL Table Via BCP.EXE | Detection.FYI
Detects the execution of the BCP utility in order to export data from the database. Attackers were seen saving their malware to a database column or table and …
exe detection fyidata exportmssqltablevia
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_presentationhost_download/
Arbitrary File Download Via PresentationHost.EXE | Detection.FYI
arbitrary file downloadexe detection fyivia
https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_office_vsto/
Potential Persistence Via Visual Studio Tools for Office | Detection.FYI
Detects persistence via Visual Studio Tools for Office (VSTO) add-ins in Office applications.
potential persistence viavisual studiodetection fyitoolsoffice
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_net_start_service/
Start Windows Service Via Net.EXE | Detection.FYI
Detects the usage of the
exe detection fyiwindows servicestartvia
https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_aspnet_temp_files/
Assembly DLL Creation Via AspNetCompiler | Detection.FYI
Detects the creation of new DLL assembly files by
creation viadetection fyiassemblydll
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wmic_recon_group/
Local Groups Reconnaissance Via Wmic.EXE | Detection.FYI
Detects the execution of
exe detection fyilocal groupsreconnaissanceviawmic
https://detection.fyi/sigmahq/sigma/identity/okta/okta_user_session_start_via_anonymised_proxy/
Okta User Session Start Via An Anonymising Proxy Service | Detection.FYI
Detects when an Okta user session starts where the user is behind an anonymising proxy service.
service detection fyiuser sessionoktastartvia
https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_computer_discovery_get_adcomputer/
Computer Discovery And Export Via Get-ADComputer Cmdlet - PowerShell | Detection.FYI
Detects usage of the Get-ADComputer cmdlet to collect computer information and output it to a file
powershell detection fyicomputerdiscoveryexportvia
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_copy_dmp_from_share/
Copy .DMP/.DUMP Files From Remote Share Via Cmd.EXE | Detection.FYI
Detects usage of the copy builtin cmd command to copy files with the
exe detection fyishare viacopydmpdump
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_lodctr_performance_counter_tampering/
Rebuild Performance Counter Values Via Lodctr.EXE | Detection.FYI
Detects the execution of
exe detection fyiperformance counterrebuildvaluesvia
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_vulnerable_driver_blocklist_registry_tampering/
Vulnerable Driver Blocklist Registry Tampering Via CommandLine | Detection.FYI
Detects tampering of the Vulnerable Driver Blocklist registry via command line tools such as PowerShell or REG.EXE. The Vulnerable Driver Blocklist is a …
commandline detection fyitampering viavulnerabledriverblocklist
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_credential_guard_registry_tampering/
Windows Credential Guard Registry Tampering Via CommandLine | Detection.FYI
Detects attempts to add, modify, or delete Windows Credential Guard related registry keys or values via command line tools such as Reg.exe or PowerShell. …
commandline detection fyiwindows credentialtampering viaguardregistry
https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_persistence_mycomputer/
Potential Persistence Via MyComputer Registry Keys | Detection.FYI
Detects modification to the
potential persistence viaregistry keysdetection fyi
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_soundrecorder_audio_capture/
Audio Capture via SoundRecorder | Detection.FYI
Detect attacker collecting audio via SoundRecorder application.
audio capturedetection fyivia
https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_use_rundll32/
Invoke-Obfuscation Via Use Rundll32 - PowerShell Module | Detection.FYI
Detects Obfuscated Powershell via use Rundll32 in Scripts
invoke obfuscation viapowershell module detectionuserundll32fyi
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_susp_gather_network_info_execution/
Suspicious Reconnaissance Activity Via GatherNetworkInfo.VBS | Detection.FYI
Detects execution of the built-in script located in
activity viadetection fyisuspiciousreconnaissancevbs
https://lighthouse.guardian360.nl/auth/login
Guardian360 Lighthouse | Scanning, monitoring, detection and compliance via the main security...
guardian360lighthousescanningmonitoringdetection
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_encode/
File Encoded To Base64 Via Certutil.EXE | Detection.FYI
Detects the execution of certutil with the
via certutil exedetection fyifileencodedbase64
https://detection.fyi/joesecurity/sigma-rules/decodedllviacertutil/
Decode DLL Via Certutil | Detection.FYI
Decode DLL Via Certutil
via certutildetection fyidecodedll
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sc_sdset_hide_sevices/
Service DACL Abuse To Hide Services Via Sc.EXE | Detection.FYI
Detects usage of the
exe detection fyiservices viadaclabusehide
https://detection.fyi/sigmahq/sigma/web/proxy_generic/proxy_ua_rclone/
Rclone Activity via Proxy | Detection.FYI
Detects the use of rclone, a command-line program to manage files on cloud storage, via its default user-agent string
activity viaproxy detectionrclonefyi
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cipher_overwrite_deleted_data/
Deleted Data Overwritten Via Cipher.EXE | Detection.FYI
Detects usage of the
exe detection fyideleted dataoverwrittenviacipher
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_uac_bypass_hijacking_firwall_snap_in/
UAC Bypass via Windows Firewall Snap-In Hijack | Detection.FYI
Detects attempts to bypass User Account Control (UAC) by hijacking the Microsoft Management Console (MMC) Windows Firewall snap-in
uac bypassvia windowsdetection fyifirewallsnap
https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_notepad_plus_plus_persistence/
Potential Persistence Via Notepad++ Plugins | Detection.FYI
Detects creation of new
potential persistence viadetection fyinotepadplugins
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_sysinternals_procdump_lsass/
Potential LSASS Process Dump Via Procdump | Detection.FYI
Detects potential credential harvesting attempts through LSASS memory dumps using ProcDump. This rule identifies suspicious command-line patterns that combine …
detection fyipotentiallsassprocessdump
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_netsh_fw_rules_discovery/
Firewall Configuration Discovery Via Netsh.EXE | Detection.FYI
Adversaries may look for details about the network configuration and settings of systems they access or through information discovery of remote systems
exe detection fyifirewall configurationdiscovery vianetsh
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_assoc_execution/
Change Default File Association Via Assoc | Detection.FYI
Detects file association changes using the builtin
change defaultfile associationdetection fyivia
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_cmd_stdin_redirect/
Read Contents From Stdin Via Cmd.EXE | Detection.FYI
exe detection fyivia cmdreadcontentsstdin
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_windows_defender_tamper/
Suspicious Windows Defender Registry Key Tampering Via Reg.EXE | Detection.FYI
Detects the usage of
exe detection fyisuspicious windowsregistry keytampering viadefender
https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_sysadminctl_add_user_to_admin_group/
User Added To Admin Group Via Sysadminctl | Detection.FYI
Detects attempts to create and add an account to the admin group via
detection fyiuseraddedadmingroup
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_wscript_cscript_dropper/
Potential Dropper Script Execution Via WScript/CScript | Detection.FYI
Detects wscript/cscript executions of scripts located in user directories
script executiondetection fyipotentialdroppervia
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_setspn_spn_enumeration/
Potential SPN Enumeration Via Setspn.EXE | Detection.FYI
Detects service principal name (SPN) enumeration used for Kerberoasting
exe detection fyienumeration viapotentialspn
https://replicate.com/collections/ai-detect-objects
AI object detection & segmentation via API - Replicate
via api replicateai objectdetectionsegmentation
https://detection.fyi/sigmahq/sigma/application/bitbucket/audit/bitbucket_audit_user_login_failure_via_ssh_detected/
Bitbucket User Login Failure Via SSH | Detection.FYI
Detects SSH user login access failures. Please note that this rule can be noisy and is recommended to use with correlation based on
bitbucket uservia sshdetection fyifailure
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_hktl_invoke_obfuscation_via_use_mhsta/
Invoke-Obfuscation Via Use MSHTA | Detection.FYI
Detects Obfuscated Powershell via use MSHTA in Scripts
invoke obfuscation viadetection fyiusemshta
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_encode_susp_location/
File In Suspicious Location Encoded To Base64 Via Certutil.EXE | Detection.FYI
Detects the execution of certutil with the
via certutil exesuspicious locationdetection fyifileencoded
https://detection.fyi/sigmahq/sigma/emerging-threats/2023/malware/icedid/proc_creation_win_malware_icedid_rundll32_dllregisterserver/
IcedID Malware Suspicious Single Digit DLL Execution Via Rundll32 | Detection.FYI
Detects RunDLL32.exe executing a single digit DLL named
single digitexecution viadetection fyimalwaresuspicious
https://detection.fyi/sigmahq/sigma/macos/process_creation/proc_creation_macos_dsenableroot_enable_root_account/
Root Account Enable Via Dsenableroot | Detection.FYI
Detects attempts to enable the root account via
detection fyirootaccountenablevia
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_explorer_folder_shortcut_via_shell_binary/
File Explorer Folder Opened Using Explorer Folder Shortcut Via Shell | Detection.FYI
Detects the initial execution of
file explorerdetection fyifolderopenedusing
https://detection.fyi/sigmahq/sigma/unsupported/windows/sysmon_process_reimaging/
Defense evasion via process reimaging | Detection.FYI
Detects process reimaging defense evasion technique
defense evasiondetection fyiviaprocessreimaging
https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_use_rundll32/
Invoke-Obfuscation Via Use Rundll32 - PowerShell | Detection.FYI
Detects Obfuscated Powershell via use Rundll32 in Scripts
invoke obfuscation viapowershell detection fyiuserundll32
https://detection.fyi/mbabinski/sigma-rules/2024_cicada3301_ransomware/proc_creation_win_hyperv_stopvm/
Hyper-V Virtual Machine Discovery Shutdown via Powershell Cmdlets | Detection.FYI
Detects powershell process used to find and shut down local Hyper-V VMs using the Stop-VM cmdlet, as documented in the 2024 Morphisec report on Cicada3301 …
hyper v virtualvia powershelldetection fyimachinediscovery
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_certutil_download_direct_ip/
Suspicious File Downloaded From Direct IP Via Certutil.EXE | Detection.FYI
Detects the execution of certutil with certain flags that allow the utility to download files from direct IPs.
via certutil exesuspicious filedetection fyidownloadeddirect
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_pua_adfind_enumeration/
PUA - Suspicious ActiveDirectory Enumeration Via AdFind.EXE | Detection.FYI
Detects active directory enumeration activity using known AdFind CLI flags
exe detection fyienumeration viapuasuspicious
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_renamed_binary/
Potential Defense Evasion Via Binary Rename | Detection.FYI
Detects the execution of a renamed binary often used by attackers or malware leveraging new Sysmon OriginalFileName datapoint.
defense evasionrename detectionpotentialviabinary
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_registry_special_accounts_hide_user/
Hiding User Account Via SpecialAccounts Registry Key - CommandLine | Detection.FYI
Detects changes to the registry key
commandline detection fyiuser accountregistry keyhidingvia
https://detection.fyi/sigmahq/sigma/windows/builtin/ldap/win_ldap_recon/
Potential Active Directory Reconnaissance/Enumeration Via LDAP | Detection.FYI
Detects potential Active Directory enumeration via LDAP
active directoryenumeration viadetection fyipotentialreconnaissance