Skip to content

Issues: SigmaHQ/sigma

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort

Issues list

Add Definition to Auditd susp_activity Create Pull-Request issues that should be provided as a pull request Work In Progress Some changes are needed
#5142 opened Dec 25, 2024 by BalsamicSentry
Update WannaCry Ransomware Activity Create Pull-Request issues that should be provided as a pull request
#5131 opened Dec 16, 2024 by nasbench
AWS IAM user login without MFA Create Pull-Request issues that should be provided as a pull request Work In Progress Some changes are needed
#5074 opened Nov 9, 2024 by thuya-hacktilizer
Adding sigma rules related to Restic for Data Exfiltration and CleanUpLoader(Oyster Backdoor) Create Pull-Request issues that should be provided as a pull request Work In Progress Some changes are needed
#5056 opened Oct 20, 2024 by CTI-Driven
Remove ending spaces from selection in posh_ps_susp_invocation_generic.yml False-Positive Issue reporting a false positive with one of the rules
#5034 opened Oct 4, 2024 by BlakeHensleyy
Wrong filter in " Kerberoasting Activity - Initial Query" rule condition? False-Positive Issue reporting a false positive with one of the rules Work In Progress Some changes are needed
#5011 opened Sep 17, 2024 by zambomarcell
DNS Exfiltration rule Work In Progress Some changes are needed
#4889 opened Jun 25, 2024 by pramodpabbati
False Detections with Invoke-Obfuscation and Null Bytes False-Positive Issue reporting a false positive with one of the rules Work In Progress Some changes are needed
#4875 opened Jun 9, 2024 by KDot227
ProTip! Mix and match filters to narrow down what you’re looking for.