Skip to content

v3.0.7
Compare
Choose a tag to compare
@josehelps josehelps released this 18 Sep 23:40
v3.0.7
be932e4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

New Stories

  • Detect Zerologon Attack
  • GCP Cross Account Activity

New Detections

  • GCP Detect OAuth Token Abuse
  • Detect Computer Changed with Anonymous Account
  • Detect Zerologon via Zeek

Updates

  • fixed bug with detection "AWS Detect STS Assume Role Abuse"
  • fixed bug with detection "AWS Detect Role Creation"
  • tagged new Zerologon on detection "Detect Mimikatz Using Loaded Images"
  • tagged new Zerologon on detection "Detect Credential Dumping through LSASS access"

Others

  • Add the ability to tag detections with RBA. See wiki for details.
Assets 3
Loading