Rule Name & Severity | Last Updated | Author | Types, Tactics & Capabilities | |
---|---|---|---|---|
Attachment: Callback Phishing solicitation via pdf file | 3h ago Jun 18th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-callback-phishing-solicitation-via-pdf-file-ac33f097 | |
Attachment: Macro Files Containing MHT Content | 6d ago Jun 12th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-macro-files-containing-mht-content-4d54e40b | |
EML attachment with credential theft language (unknown sender) | 6d ago Jun 12th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/eml-attachment-with-credential-theft-language-unknown-sender-00e06af1 | |
Suspicious message with unscannable Vercel link | 8d ago Jun 10th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/suspicious-message-with-unscannable-vercel-link-b5acffe7 | |
Link: Secure SharePoint file share from new or unusual sender | 8d ago Jun 10th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/link-secure-sharepoint-file-share-from-new-or-unusual-sender-74ed3020 | |
Attachment: Suspicious PDF Created With Headless Browser | 9d ago Jun 9th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-suspicious-pdf-created-with-headless-browser-8f3108d7 | |
Attachment: Legal Themed Message with PDF Containing Suspicious Link | 12d ago Jun 6th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-legal-themed-message-with-pdf-containing-suspicious-link-19133301 | |
Vendor Compromise: GovDelivery Message With Suspicious Link | 14d ago Jun 4th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/vendor-compromise-govdelivery-message-with-suspicious-link-0d2d5172 | |
Encrypted Microsoft Office Files From Untrusted Senders | 14d ago Jun 4th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/encrypted-microsoft-office-files-from-untrusted-senders-eb7b26e7 | |
Malformed URL prefix | 15d ago Jun 3rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/malformed-url-prefix-4e659d28 | |
Attachment: HTML smuggling with atob and high entropy via calendar invite | 15d ago Jun 3rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-html-smuggling-with-atob-and-high-entropy-via-calendar-invite-94d84614 | |
Attachment: HTML smuggling with eval and atob via calendar invite | 15d ago Jun 3rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-html-smuggling-with-eval-and-atob-via-calendar-invite-597c2edd | |
Attachment: EML with Suspicious Indicators | 16d ago Jun 2nd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-eml-with-suspicious-indicators-deb5d08d | |
Suspicious attachment with unscannable Cloudflare link | 16d ago Jun 2nd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/suspicious-attachment-with-unscannable-cloudflare-link-00f92b6f | |
Attachment: Fake attachment image lure | 19d ago May 30th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-fake-attachment-image-lure-96b8b285 | |
Open redirect: typedrawers.com | 26d ago May 23rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/open-redirect-typedrawerscom-158d9e95 | |
Open Redirect: Xfinity CMP Redirection to Google AMP | 26d ago May 23rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/open-redirect-xfinity-cmp-redirection-to-google-amp-c0805b80 | |
Open redirect: next2.io | 26d ago May 23rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/open-redirect-next2io-5085c422 | |
Open redirect: slubnaglowie.pl | 26d ago May 23rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/open-redirect-slubnaglowiepl-2ec356d0 | |
Service Abuse: Zoom Docs From an Unsolicited Sender Address | 26d ago May 23rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/service-abuse-zoom-docs-from-an-unsolicited-sender-address-064b2594 | |