Sublime Core Feed
This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.
Sublime Security
Last updated Apr 28th, 2025
Feed Source
Tactic or Technique is
Rule Name & Severity | Author | Last Updated | Labels | |
|---|---|---|---|---|
Google Share Notification with Suspicious Comments | Sublime Security | 22d ago Apr 8th, 2025 | /feeds/core/detection-rules/google-share-notification-with-suspicious-comments-c69c9924 | |
Suspicious Request for Financial Information | Sublime Security | 5mo ago Nov 25th, 2024 | /feeds/core/detection-rules/suspicious-request-for-financial-information-4ebdaa4d | |
VIP / Executive impersonation in subject (untrusted) | Sublime Security | 10mo ago Jun 11th, 2024 | /feeds/core/detection-rules/vip-executive-impersonation-in-subject-untrusted-0a641fe5 | |
VIP / Executive impersonation (untrusted) | Sublime Security | 11mo ago May 7th, 2024 | /feeds/core/detection-rules/vip-executive-impersonation-untrusted-e42c84b7 | |
VIP impersonation: Fake thread with display name match, email mismatch | Sublime Security | 9mo ago Jul 29th, 2024 | /feeds/core/detection-rules/vip-impersonation-fake-thread-with-display-name-match-email-mismatch-11cc3e28 | |
VIP impersonation with charitable donation fraud | Sublime Security | 6mo ago Oct 8th, 2024 | /feeds/core/detection-rules/vip-impersonation-with-charitable-donation-fraud-35a56b8e | |
VIP impersonation with invoicing request | Sublime Security | 1y ago Apr 23rd, 2024 | /feeds/core/detection-rules/vip-impersonation-with-invoicing-request-a60f89a0 | |
VIP impersonation with urgent request (untrusted sender) | Sublime Security | 4mo ago Dec 12th, 2024 | /feeds/core/detection-rules/vip-impersonation-with-urgent-request-untrusted-sender-0dd1fa60 | |
VIP local_part impersonation from unsolicited sender | Sublime Security | 5mo ago Nov 20th, 2024 | /feeds/core/detection-rules/vip-localpart-impersonation-from-unsolicited-sender-74035fdc |