Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This query identifies unusual access to cloud storage, particularly from IPs not historically seen accessing the bucket or downloading files. It can be limited to private buckets with sensitive files by setting BucketName values.
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | Business Email Compromise - Financial Fraud |
| ID | 669e1338-b1a2-4d73-b720-a1e60d5d1474 |
| Tactics | Collection |
| Techniques | T1530 |
| Source | View on GitHub |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
↑ Back to Hunting Queries · Back to Business Email Compromise - Financial Fraud