Closed dan21san closed 2 months ago
Add a new detection rule about detection of incoming connections via the remote connection tool AnyDesk. This could be a sign of persistence and C2 activities.
This PR is related to the closed one #4897 . Now I fixed the detection.
new: Remote Access Tool - AnyDesk Incoming Connection
N/A
Summary of the Pull Request
Add a new detection rule about detection of incoming connections via the remote connection tool AnyDesk. This could be a sign of persistence and C2 activities.
This PR is related to the closed one #4897 . Now I fixed the detection.
Changelog
new: Remote Access Tool - AnyDesk Incoming Connection
Example Log Event
N/A
Fixed Issues
N/A
SigmaHQ Rule Creation Conventions