Robuta

https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_susp_vscode_powershell_profile/
VsCode Powershell Profile Modification | Detection.FYI
Detects the creation or modification of a vscode related powershell profile which could indicate suspicious activity as the profile can be used as a mean of …

https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_wow6432node_currentversion/
Wow6432Node Windows NT CurrentVersion Autorun Keys Modification | Detection.FYI
Detects modification of autostart extensibility point (ASEP) in registry.

https://detection.fyi/sigmahq/sigma/windows/registry/registry_set/registry_set_asep_reg_keys_modification_classes/
Classes Autorun Keys Modification | Detection.FYI
Detects modification of autostart extensibility point (ASEP) in registry.

https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_schtasks_change/
Suspicious Modification Of Scheduled Tasks | Detection.FYI
Detects when an attacker tries to modify an already existing scheduled tasks to run from a suspicious location. Attackers can create a simple looking task in …

https://detection.fyi/sigmahq/sigma/cloud/aws/cloudtrail/aws_rds_dbcluster_actions/
Modification or Deletion of an AWS RDS Cluster | Detection.FYI
Detects modifications to an RDS cluster or its deletion, which may indicate potential data exfiltration attempts, unauthorized access, or exposure of sensitive...