Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This analytics rule detects high-severity ransomware threats targeting the organization, as reported by CYFIRMA's Dark Web and Data Breach Intelligence feeds. The alert is generated when threat actors post, claim, or associate ransomware activity with corporate domains, brands, or subsidiaries, indicating a potential data breach, extortion attempt, or unauthorized access.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | Cyfirma Digital Risk |
| ID | d5f9a6fe-7fd2-488c-8690-0ca24fba43dc |
| Severity | Medium |
| Status | Available |
| Kind | Scheduled |
| Tactics | InitialAccess, Exfiltration |
| Techniques | T1566.001, T1566.002, T1566.003 |
| Required Connectors | CyfirmaDigitalRiskAlertsConnector |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
CyfirmaDBWMRansomwareAlerts_CL |
? | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊