Sublime Core Feed
This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.
Sublime Security
Last updated May 16th, 2024
Feed Source
Detection Method is
Rule Name & Severity | Author | Last Updated | Labels | |
---|---|---|---|---|
Attachment: DocuSign Impersonation (PDF) linking to New Domain <=3d | Sublime Security | 25 days ago Apr 25th, 2024 | /feeds/core/detection-rules/attachment-docusign-impersonation-pdf-linking-to-new-domain-less3d-f0c96282 | |
Brand impersonation: Microsoft fake sign-in alert | Sublime Security | 25 days ago Apr 25th, 2024 | /feeds/core/detection-rules/brand-impersonation-microsoft-fake-sign-in-alert-3f4c9e7a | |
Brand impersonation: Silicon Valley Bank | Sublime Security | 25 days ago Apr 25th, 2024 | /feeds/core/detection-rules/brand-impersonation-silicon-valley-bank-a01f61d9 | |
Callback Phishing: Branded invoice from sender/reply-to domain less than 30 days old | Sublime Security | 25 days ago Apr 25th, 2024 | /feeds/core/detection-rules/callback-phishing-branded-invoice-from-senderreply-to-domain-less-than-30-days-old-e6f4af53 | |
Impersonation: Suspected supplier impersonation with suspicious content | Sublime Security | 5 days ago May 15th, 2024 | /feeds/core/detection-rules/impersonation-suspected-supplier-impersonation-with-suspicious-content-63d8b1ce | |
Link: Google Firebase Dynamic Link that Redirects to New Domain (<7 days old) | @ajpc500 | 25 days ago Apr 25th, 2024 | /feeds/core/detection-rules/link-google-firebase-dynamic-link-that-redirects-to-new-domain-less7-days-old-5a204a37 | |
New link domain (<=10d) from untrusted sender | Sublime Security | 25 days ago Apr 25th, 2024 | /feeds/core/detection-rules/new-link-domain-less10d-from-untrusted-sender-4805b0e6 | |
New sender domain (<=10d) from untrusted sender | Sublime Security | 25 days ago Apr 25th, 2024 | /feeds/core/detection-rules/new-sender-domain-less10d-from-untrusted-sender-d87fa543 | |
Spam: Fake photo share | Sublime Security | 10 days ago May 10th, 2024 | /feeds/core/detection-rules/spam-fake-photo-share-eb086f7d | |
Spam: New link domain (<=10d) and emojis | Sublime Security | 25 days ago Apr 25th, 2024 | /feeds/core/detection-rules/spam-new-link-domain-less10d-and-emojis-33677993 | |
Suspicious newly registered reply-to domain with engaging financial or urgent language | Sublime Security | 25 days ago Apr 25th, 2024 | /feeds/core/detection-rules/suspicious-newly-registered-reply-to-domain-with-engaging-financial-or-urgent-language-db4d9bb3 | |
VIP impersonation: Fake thread with display name match, email mismatch | Sublime Security | 11 days ago May 9th, 2024 | /feeds/core/detection-rules/vip-impersonation-fake-thread-with-display-name-match-email-mismatch-11cc3e28 |
12 Rules