Sublime Core Feed

This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.

Sublime Security
Last updated Sep 13th, 2024
Feed Source: GitHub
Detection Method is
Fields: Rule Name & Severity, Author, Last Updated, Labels

Attachment: EML with link to credential phishing page
Author: Sublime Security
Last Updated: Sep 13th, 2024 (2 days ago)
Labels: Credential Phishing, Evasion, Free file host, Free subdomain host, Social engineering, Computer Vision, Content analysis, File analysis, Header analysis, HTML analysis, Natural Language Understanding, Optical Character Recognition, URL analysis, URL screenshot
/feeds/core/detection-rules/attachment-eml-with-link-to-credential-phishing-page-1df41cca

Attachment: HTML smuggling - QR Code with suspicious links
Author: Sublime Security
Last Updated: Apr 25th, 2024 (5 months ago)
/feeds/core/detection-rules/attachment-html-smuggling-qr-code-with-suspicious-links-010e757d

Attachment: QR code with credential phishing indicators
Author: Sublime Security
Last Updated: Jul 29th, 2024 (2 months ago)
/feeds/core/detection-rules/attachment-qr-code-with-credential-phishing-indicators-9f1681e1

Brand impersonation: DocuSign image attachment lure with no DocuSign links
Author: Sublime Security
Last Updated: Aug 21st, 2024 (25 days ago)
/feeds/core/detection-rules/brand-impersonation-docusign-image-attachment-lure-with-no-docusign-links-814a5694

Credential phishing content and link (untrusted sender)
Author: Sublime Security
Last Updated: Jul 29th, 2024 (2 months ago)
/feeds/core/detection-rules/credential-phishing-content-and-link-untrusted-sender-f0c95bb7

Credential phishing link (unknown sender)
Author: Sublime Security
Last Updated: Apr 25th, 2024 (5 months ago)
/feeds/core/detection-rules/credential-phishing-link-unknown-sender-a278012b

Free subdomain link with credential theft indicators
Author: Sublime Security
Last Updated: Apr 25th, 2024 (5 months ago)
/feeds/core/detection-rules/free-subdomain-link-with-credential-theft-indicators-9187479c

Free subdomain link with login or captcha (untrusted sender)
Author: Sublime Security
Last Updated: Apr 25th, 2024 (5 months ago)
/feeds/core/detection-rules/free-subdomain-link-with-login-or-captcha-untrusted-sender-93288f82

Google Accelerated Mobile Pages (AMP) abuse
Author: Sublime Security
Last Updated: Apr 25th, 2024 (5 months ago)
/feeds/core/detection-rules/google-accelerated-mobile-pages-amp-abuse-46907029

Google Drive abuse: Credential phishing link
Author: Sublime Security
Last Updated: Jul 31st, 2024 (a month ago)
/feeds/core/detection-rules/google-drive-abuse-credential-phishing-link-c74aece0

Link: Credential Phishing link with Undisclosed Recipients
Author: Sublime Security
Last Updated: Apr 25th, 2024 (5 months ago)
/feeds/core/detection-rules/link-credential-phishing-link-with-undisclosed-recipients-06fc155e

Link: Microsoft Dynamics 365 form phishing
Author: Sublime Security
Last Updated: May 3rd, 2024 (4 months ago)
/feeds/core/detection-rules/link-microsoft-dynamics-365-form-phishing-f72b9085

Link to auto-downloaded file with Adobe branding
Author: Sublime Security
Last Updated: Apr 25th, 2024 (5 months ago)
/feeds/core/detection-rules/link-to-auto-downloaded-file-with-adobe-branding-e826c2cf

Link to auto-downloaded file with Google Drive branding
Author: Sublime Security
Last Updated: Apr 25th, 2024 (5 months ago)
/feeds/core/detection-rules/link-to-auto-downloaded-file-with-google-drive-branding-4b5343be

Suspicious recipient pattern and language with low reputation link to login
Author: Sublime Security
Last Updated: Apr 30th, 2024 (5 months ago)
/feeds/core/detection-rules/suspicious-recipient-pattern-and-language-with-low-reputation-link-to-login-a8ea0402

Suspicious Recipients pattern with no Compauth pass and suspicious content
Author: Sublime Security
Last Updated: Aug 27th, 2024 (19 days ago)
/feeds/core/detection-rules/suspicious-recipients-pattern-with-no-compauth-pass-and-suspicious-content-34fb65f6

16 Rules