GitHub

powershell_fileless_script_contains_base64_encoded_content.yml

description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
GitHub

registry_keys_used_for_persistence.yml

description: The following analytic identifies modifications to registry keys commonly used for persistence mechanisms. It leverages data from endpoint detection sources like Sysmon or Carbon Black, ...
Canada

Senior Technical Officer or Advisor

Are you an IT professional who wants to make a real-world difference by helping to keep Canada safe? Are you someone who challenges the status quo and sees challenges as opportunities? At CSIS, our ...
LinkedIn

Axios npm Supply Chain Attack Detection Gaps and Tuning

GitHub - athullyatomy/Detection-Engineering-Sigma-Rules: This repository contains real-world attack scenarios and corresponding Sigma rules, designed to help detect ...