Handala Detection Pack v2: Sigma rules for Intune bulk wipe prevention
ThreatHunter.ai published Detection Pack v2 with five new Sigma rules and KQL queries for Microsoft Sentinel covering: MuddyWater pre-positioning IOCs, PIM Authentication Context gap detection, three-layer bulk wipe prevention for Intune, stale session detection, and Rclone exfiltration detection.