Rule Name & Severity | Last Updated | Author | Types, Tactics & Capabilities | |
---|---|---|---|---|
Attachment: USDA Bid Invitation Impersonation | 14d ago May 23rd, 2025 | Sublime Security | /feeds/core/detection-rules/attachment-usda-bid-invitation-impersonation-34eb9493 | |
Attachment: QR Code Link With Base64-Encoded Recipient Address | 2mo ago Mar 27th, 2025 | Sublime Security | /feeds/core/detection-rules/attachment-qr-code-link-with-base64-encoded-recipient-address-927a0c1a | |
Attachment: CVE-2025-24071 - Microsoft Windows File Explorer Spoofing Vulnerability | 2mo ago Mar 21st, 2025 | Sublime Security | /feeds/core/detection-rules/attachment-cve-2025-24071-microsoft-windows-file-explorer-spoofing-vulnerability-2e69fa0b | |
Attachment with VBA macros from employee impersonation (unsolicited) | 1y ago Feb 26th, 2024 | Sublime Security | /feeds/core/detection-rules/attachment-with-vba-macros-from-employee-impersonation-unsolicited-9b262123 | |
Suspicious VBA macros from untrusted sender | 1y ago Feb 23rd, 2024 | Sublime Security | /feeds/core/detection-rules/suspicious-vba-macros-from-untrusted-sender-37cec120 | |
Attachment: Archive contains DLL-loading macro | 2y ago Dec 28th, 2023 | Sublime Security | /feeds/core/detection-rules/attachment-archive-contains-dll-loading-macro-3a193f5f | |
Attachment soliciting user to enable macros | 2y ago Dec 19th, 2023 | Sublime Security | /feeds/core/detection-rules/attachment-soliciting-user-to-enable-macros-e9d75515 | |
Attachment with auto-executing macro (unsolicited) | 2y ago Dec 19th, 2023 | Sublime Security | /feeds/core/detection-rules/attachment-with-auto-executing-macro-unsolicited-af6624c3 | |
Attachment: Encrypted Microsoft Office file (unsolicited) | 2y ago Dec 19th, 2023 | Sublime Security | /feeds/core/detection-rules/attachment-encrypted-microsoft-office-file-unsolicited-1e47e953 | |
Attachment: Potential Sandbox Evasion in Office File | 2y ago Dec 19th, 2023 | @ajpc500 | /feeds/core/detection-rules/attachment-potential-sandbox-evasion-in-office-file-1c591681 | |
Attachment with auto-opening VBA macro (unsolicited) | 2y ago Dec 19th, 2023 | Sublime Security | /feeds/core/detection-rules/attachment-with-auto-opening-vba-macro-unsolicited-d48b3e53 | |
Attachment with high risk VBA macro (unsolicited) | 2y ago Dec 19th, 2023 | Sublime Security | /feeds/core/detection-rules/attachment-with-high-risk-vba-macro-unsolicited-a2b20e16 | |
Attachment with macro calling executable | 2y ago Dec 19th, 2023 | Sublime Security | /feeds/core/detection-rules/attachment-with-macro-calling-executable-5ee6a197 | |
Attachment: CVE-2021-40444 - MSHTML Remote Code Execution Vulnerability | 2y ago Dec 19th, 2023 | Sublime Security | /feeds/core/detection-rules/attachment-cve-2021-40444-mshtml-remote-code-execution-vulnerability-8cefcf7f | |
Attachment: Macro with Suspected Use of COM ShellBrowserWindow Object for Process Creation | 2y ago Dec 19th, 2023 | @ajpc500 | /feeds/core/detection-rules/attachment-macro-with-suspected-use-of-com-shellbrowserwindow-object-for-process-creation-527fc7f0 |