Deprecated Detections
| Name | Data Source | Technique | Type | Analytic Story | Date |
|---|---|---|---|---|---|
| Cobalt Strike Named Pipes | Sysmon EventID 17, Sysmon EventID 18 | Process Injection | TTP | APT37 Rustonotto and FadeStealer, BlackByte Ransomware, Cobalt Strike, DarkSide Ransomware, Gozi Malware, Graceful Wipe Out Attack, Hellcat Ransomware, LockBit Ransomware, Trickbot | 2025-12-04 |
| HTTP Suspicious Tool User Agent | Nginx Access | Web Protocols | Anomaly | HTTP Request Smuggling | 2025-10-09 |