Sublime Core Feed
This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.
Sublime Security
Last updated Mar 21st, 2025
Feed Source
Detection Method is
Rule Name & Severity | Author | Last Updated | Labels | |
|---|---|---|---|---|
Attachment: CVE-2021-40444 - MSHTML Remote Code Execution Vulnerability | Sublime Security | 2y ago Dec 19th, 2023 | /feeds/core/detection-rules/attachment-cve-2021-40444-mshtml-remote-code-execution-vulnerability-8cefcf7f | |
Attachment: Encrypted Microsoft Office file (unsolicited) | Sublime Security | 2y ago Dec 19th, 2023 | /feeds/core/detection-rules/attachment-encrypted-microsoft-office-file-unsolicited-1e47e953 | |
Attachment: Office file contains OLE relationship to credential phishing page | Sublime Security | 3mo ago Dec 18th, 2024 | /feeds/core/detection-rules/attachment-office-file-contains-ole-relationship-to-credential-phishing-page-d55793d0 | |
Attachment: OLE external relationship containing file scheme link to executable filetype | Sublime Security | 3mo ago Dec 18th, 2024 | /feeds/core/detection-rules/attachment-ole-external-relationship-containing-file-scheme-link-to-executable-filetype-33bf6fd4 | |
Attachment: OLE external relationship containing file scheme link to IP address | Sublime Security | 11mo ago Apr 12th, 2024 | /feeds/core/detection-rules/attachment-ole-external-relationship-containing-file-scheme-link-to-ip-address-3aab998c | |
Attachment with auto-executing macro (unsolicited) | Sublime Security | 2y ago Dec 19th, 2023 | /feeds/core/detection-rules/attachment-with-auto-executing-macro-unsolicited-af6624c3 | |
Attachment with high risk VBA macro (unsolicited) | Sublime Security | 2y ago Dec 19th, 2023 | /feeds/core/detection-rules/attachment-with-high-risk-vba-macro-unsolicited-a2b20e16 |