v3.17.0
New Analytic Stories
- Windows Discovery Techniques
New Detections
- Detect Exchange Webshell
Updated Analytic Stories
- Sunburst Malware (now called NOBELIUM Group)
Updated Detections
- Ryuk Wake On Lan Command
- Any Powershell DownloadFile
- Cobalt Strike Named Pipes
- Suspicious Curl Network Connection
- Detect Mimikatz Using Loaded Images
- W3wp Spawning Shell