Techniques
Sample rules
Potential RDP Exploit CVE-2019-0708
- source: sigma
- technicques:
- t1210
Description
Detect suspicious error on protocol RDP, potential CVE-2019-0708
Detection logic
condition: selection
selection:
EventID:
- 56
- 50
Provider_Name: TermDD