Rule Name & Severity | Last Updated | Author | Types, Tactics & Capabilities | |
---|---|---|---|---|
Low reputation link to auto-downloaded HTML file with smuggling indicators | 1d ago Jul 23rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/low-reputation-link-to-auto-downloaded-html-file-with-smuggling-indicators-339676c6 | |
Attachment: Double Base64-encoded Zip File in HTML Smuggling Attachment | 8d ago Jul 16th, 2025 UTC | @ajpc500 | /feeds/core/detection-rules/attachment-double-base64-encoded-zip-file-in-html-smuggling-attachment-61ebb07b | |
Attachment: HTML Attachment with Login Portal Indicators | 8d ago Jul 16th, 2025 UTC | @ajpc500 | /feeds/core/detection-rules/attachment-html-attachment-with-login-portal-indicators-3aabf4a7 | |
Attachment: Any HTML file within archive (unsolicited) | 8d ago Jul 16th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-any-html-file-within-archive-unsolicited-6a67c02c | |
HTML smuggling containing recipient email address | 8d ago Jul 16th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/html-smuggling-containing-recipient-email-address-af32ff2f | |
Attachment: Any HTML file (untrusted sender) | 8d ago Jul 16th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-any-html-file-untrusted-sender-57a8f5c5 | |
Attachment: HTML With Emoji-to-Character Map | 8d ago Jul 16th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-html-with-emoji-to-character-map-3119d086 | |
Attachment: EML with Suspicious Indicators | 8d ago Jul 16th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-eml-with-suspicious-indicators-deb5d08d | |
Attachment: HTML Smuggling Microsoft Sign In | 8d ago Jul 16th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-html-smuggling-microsoft-sign-in-878d6385 | |
Attachment: Any HTML file (unsolicited) | 8d ago Jul 16th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-any-html-file-unsolicited-ef36763f | |
Attachment: Archive containing HTML file with file scheme link | 8d ago Jul 16th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-archive-containing-html-file-with-file-scheme-link-edf6d0d9 | |
Attachment: HTML smuggling with decimal encoding | 8d ago Jul 16th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-html-smuggling-with-decimal-encoding-f99213c4 | |
Attachment: HTML smuggling with eval and atob via calendar invite | 1mo ago Jun 3rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-html-smuggling-with-eval-and-atob-via-calendar-invite-597c2edd | |
Attachment: HTML smuggling with atob and high entropy via calendar invite | 1mo ago Jun 3rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-html-smuggling-with-atob-and-high-entropy-via-calendar-invite-94d84614 | |
Attachment: Web Files With Suspicious Comments | 2mo ago Apr 28th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-web-files-with-suspicious-comments-93061d17 | |
Attachment: HTML with obfuscation and recipient's email in JavaScript strings | 3mo ago Apr 10th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-html-with-obfuscation-and-recipients-email-in-javascript-strings-1aff486b | |
Attachment: EML file with HTML attachment (unsolicited) | 3mo ago Mar 28th, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-eml-file-with-html-attachment-unsolicited-c24fd191 | |
Attachment: HTML file with excessive 'const' declarations and abnormally long timeouts | 5mo ago Feb 3rd, 2025 UTC | Sublime Security | /feeds/core/detection-rules/attachment-html-file-with-excessive-const-declarations-and-abnormally-long-timeouts-66f8a07a | |
Attachment: HTML smuggling with atob and high entropy | 10mo ago Aug 29th, 2024 UTC | Sublime Security | /feeds/core/detection-rules/attachment-html-smuggling-with-atob-and-high-entropy-03fcac11 | |
Attachment: HTML smuggling with excessive string concatenation and suspicious patterns | 11mo ago Aug 27th, 2024 UTC | Sublime Security | /feeds/core/detection-rules/attachment-html-smuggling-with-excessive-string-concatenation-and-suspicious-patterns-e34fce8d |