LoFP
/
t1573
t1573
Title
Tags
false positives may be present if the organization works with international businesses. filter as needed.
t1573
network
splunk
legitimate administrative script
t1059
t1059.001
t1098
t1132
t1132.001
t1136
t1136.002
t1553
t1553.004
t1571
t1573
t1574
t1574.011
t1574.012
windows
sigma
user using a vpn or proxy
t1573
m365
sigma
LoFP
/
t1573