Sublime Core Feed
This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.
Sublime Security
Last updated Apr 28th, 2025
Feed Source
Tactic or Technique is
Rule Name & Severity | Author | Last Updated | Labels | |
|---|---|---|---|---|
Brand impersonation: American Express (AMEX) | Sublime Security | 7mo ago Sep 12th, 2024 | /feeds/core/detection-rules/brand-impersonation-american-express-amex-992a9fa9 | |
Brand impersonation: Aramco | Sublime Security | 6mo ago Oct 10th, 2024 | /feeds/core/detection-rules/brand-impersonation-aramco-96e87699 | |
Brand impersonation: Bank of America | Sublime Security | 10mo ago Jun 14th, 2024 | /feeds/core/detection-rules/brand-impersonation-bank-of-america-d2fc6ea1 | |
Brand impersonation: Barracuda Networks | Sublime Security | 9mo ago Jul 8th, 2024 | /feeds/core/detection-rules/brand-impersonation-barracuda-networks-583fd5eb | |
Brand impersonation: Binance | Sublime Security | 2mo ago Feb 24th, 2025 | /feeds/core/detection-rules/brand-impersonation-binance-c3302a76 | |
Brand impersonation: Blockchain[.]com | Sublime Security | 1y ago Apr 23rd, 2024 | /feeds/core/detection-rules/brand-impersonation-blockchaincom-0d85e555 | |
Brand Impersonation: Capital One | Sublime Security | 2mo ago Feb 20th, 2025 | /feeds/core/detection-rules/brand-impersonation-capital-one-d53848e4 | |
Brand impersonation: Charles Schwab | Sublime Security | 2mo ago Feb 13th, 2025 | /feeds/core/detection-rules/brand-impersonation-charles-schwab-7abde595 | |
Brand impersonation: Chase Bank | Sublime Security | 6d ago Apr 23rd, 2025 | /feeds/core/detection-rules/brand-impersonation-chase-bank-c680f1e7 | |
Brand impersonation: Coinbase | Sublime Security | 1y ago Apr 23rd, 2024 | /feeds/core/detection-rules/brand-impersonation-coinbase-3dca757a | |
Brand impersonation: DHL | Sublime Security | 2mo ago Feb 7th, 2025 | /feeds/core/detection-rules/brand-impersonation-dhl-be4b4ae0 | |
Brand impersonation: Digital Ocean | Sublime Security | 1y ago Mar 4th, 2024 | /feeds/core/detection-rules/brand-impersonation-digital-ocean-7f2f0e97 | |
Brand Impersonation: DocSend | Sublime Security | 7mo ago Sep 11th, 2024 | /feeds/core/detection-rules/brand-impersonation-docsend-cd9a3f7a | |
Brand impersonation: DocuSign | Sublime Security | 1mo ago Mar 28th, 2025 | /feeds/core/detection-rules/brand-impersonation-docusign-4d29235c | |
Brand impersonation: FedEx | Sublime Security | 1mo ago Mar 12th, 2025 | /feeds/core/detection-rules/brand-impersonation-fedex-94a2b602 | |
Brand impersonation: FINRA | Sublime Security | 6mo ago Oct 30th, 2024 | /feeds/core/detection-rules/brand-impersonation-finra-15c81db4 | |
Brand impersonation: Github | Sublime Security | 8mo ago Aug 29th, 2024 | /feeds/core/detection-rules/brand-impersonation-github-9402f92b | |
Brand impersonation: Google using Microsoft Forms | Sublime Security | 2y ago Aug 21st, 2023 | /feeds/core/detection-rules/brand-impersonation-google-using-microsoft-forms-1daac608 | |
Brand impersonation: Gusto | Sublime Security | 1y ago Apr 23rd, 2024 | /feeds/core/detection-rules/brand-impersonation-gusto-54025c1c | |
Brand impersonation: Hulu | Sublime Security | 2mo ago Feb 4th, 2025 | /feeds/core/detection-rules/brand-impersonation-hulu-6833de58 | |
Brand impersonation: Interac | Sublime Security | 7mo ago Sep 16th, 2024 | /feeds/core/detection-rules/brand-impersonation-interac-50a883dc | |
Brand impersonation: KnowBe4 | Sublime Security | 5mo ago Nov 25th, 2024 | /feeds/core/detection-rules/brand-impersonation-knowbe4-7c798386 | |
Brand impersonation: Ledger | Sublime Security | 3mo ago Jan 3rd, 2025 | /feeds/core/detection-rules/brand-impersonation-ledger-5f934755 | |
Brand impersonation: LinkedIn | Sublime Security | 1mo ago Mar 12th, 2025 | /feeds/core/detection-rules/brand-impersonation-linkedin-1a0cde6d | |
Brand Impersonation: Meta and Subsidiaries | Sublime Security | 19d ago Apr 10th, 2025 | /feeds/core/detection-rules/brand-impersonation-meta-and-subsidiaries-e38f1e3b | |
Brand impersonation: Netflix | min0k | 13d ago Apr 16th, 2025 | /feeds/core/detection-rules/brand-impersonation-netflix-9f39eea5 | |
Brand impersonation: Okta | Sublime Security | 1y ago Apr 23rd, 2024 | /feeds/core/detection-rules/brand-impersonation-okta-b7a2989a | |
Brand impersonation: Outlook | Sublime Security | 11mo ago May 29th, 2024 | /feeds/core/detection-rules/brand-impersonation-outlook-1fe5bf7b | |
Brand Impersonation: PayPal | Sublime Security | 19d ago Apr 10th, 2025 | /feeds/core/detection-rules/brand-impersonation-paypal-a6b2ceee | |
Brand impersonation: PNC | Sublime Security | 1y ago Apr 23rd, 2024 | /feeds/core/detection-rules/brand-impersonation-pnc-1b5ae4fb | |
Brand Impersonation: ShareFile | Sublime Security | 2mo ago Jan 29th, 2025 | /feeds/core/detection-rules/brand-impersonation-sharefile-f8330307 | |
Brand impersonation: Silicon Valley Bank | Sublime Security | 1y ago Apr 25th, 2024 | /feeds/core/detection-rules/brand-impersonation-silicon-valley-bank-a01f61d9 | |
Brand impersonation: Spotify | Sublime Security | 1y ago Apr 23rd, 2024 | /feeds/core/detection-rules/brand-impersonation-spotify-70e80f91 | |
Brand Impersonation: Stripe | Sublime Security | 19d ago Apr 10th, 2025 | /feeds/core/detection-rules/brand-impersonation-stripe-862d4654 | |
Brand impersonation: Sublime Security | Sublime Security | 9mo ago Jul 23rd, 2024 | /feeds/core/detection-rules/brand-impersonation-sublime-security-949484ed | |
Brand impersonation: TurboTax | Sublime Security | 2y ago Aug 21st, 2023 | /feeds/core/detection-rules/brand-impersonation-turbotax-90084031 | |
Brand impersonation: Twitter | Sublime Security | 1mo ago Mar 3rd, 2025 | /feeds/core/detection-rules/brand-impersonation-twitter-013c32c2 | |
Brand impersonation: UPS | Sublime Security | 21d ago Apr 8th, 2025 | /feeds/core/detection-rules/brand-impersonation-ups-73b68869 | |
Brand impersonation: Vanta | @itsRobPicard | 1y ago Apr 23rd, 2024 | /feeds/core/detection-rules/brand-impersonation-vanta-883d4382 | |
Brand impersonation: Venmo | Sublime Security | 1y ago Apr 23rd, 2024 | /feeds/core/detection-rules/brand-impersonation-venmo-0ab15d4f | |
Brand impersonation: Wells Fargo | Sublime Security | 3mo ago Jan 15th, 2025 | /feeds/core/detection-rules/brand-impersonation-wells-fargo-02d7301f | |
Fraudulent E-commerce Operators | Sublime Security | 5mo ago Nov 20th, 2024 | /feeds/core/detection-rules/fraudulent-e-commerce-operators-3776a6fc | |
Impersonation: Chrome Web Store Policy | Sublime Security | 1mo ago Mar 18th, 2025 | /feeds/core/detection-rules/impersonation-chrome-web-store-policy-4a98f283 | |
Impersonation: Suspected supplier impersonation with suspicious content | Sublime Security | 2mo ago Feb 3rd, 2025 | /feeds/core/detection-rules/impersonation-suspected-supplier-impersonation-with-suspicious-content-63d8b1ce | |
Link: Recipient Domain in URL Path | Sublime Security | 10mo ago Jul 3rd, 2024 | /feeds/core/detection-rules/link-recipient-domain-in-url-path-de08731f | |
Link to a Domain with Punycode Characters | @ajpc500 | 2y ago Dec 20th, 2023 | /feeds/core/detection-rules/link-to-a-domain-with-punycode-characters-74b3698c | |
Lookalike sender domain (untrusted sender) | Sublime Security | 10mo ago Jun 3rd, 2024 | /feeds/core/detection-rules/lookalike-sender-domain-untrusted-sender-67721993 | |
Punycode sender domain | Sublime Security | 2y ago Aug 21st, 2023 | /feeds/core/detection-rules/punycode-sender-domain-bc3d8db5 | |
Sharepoint Link Likely Unrelated to Sender | Sublime Security | 1mo ago Mar 12th, 2025 | /feeds/core/detection-rules/sharepoint-link-likely-unrelated-to-sender-6870f489 | |
Suspected Lookalike domain with suspicious language | Sublime Security | 4mo ago Dec 24th, 2024 | /feeds/core/detection-rules/suspected-lookalike-domain-with-suspicious-language-3674ced0 |