Sponsor of the Day:
Jerkmate
https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_uac_disable_secure_desktop_prompt/
UAC Secure Desktop Prompt Disabled | Detection.FYI
Detects when an attacker tries to change User Account Control (UAC) elevation request destination via the
disabled detection fyisecure desktopuacprompt
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_reg_write_protect_for_storage_disabled/
Write Protect For Storage Disabled | Detection.FYI
Detects applications trying to modify the registry in order to disable any write-protect property for storage devices. This could be a precursor to a...
disabled detection fyiwriteprotectstorage
https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_hide_file/
Displaying Hidden Files Feature Disabled | Detection.FYI
Detects modifications to the
disabled detection fyihidden filesdisplayingfeature
https://detection.fyi/sigmahq/sigma/cloud/azure/signin_logs/azure_blocked_account_attempt/
Account Disabled or Blocked for Sign in Attempts | Detection.FYI
Detects when an account is disabled or blocked for sign in but tried to log in
account disableddetection fyiblockedsignattempts