DEV-0537DetectionandHunting

| Attribute | Value |
| --- | --- |
| Publisher | Microsoft Corporation |
| Support Tier | Microsoft |
| Support Link | https://support.microsoft.com |
| Categories | domains |
| Version | 2.0.0 |
| Author | Microsoft - support@microsoft.com |
| First Published | 2022-04-07 |
| Solution Folder | DEV-0537DetectionandHunting |

Microsoft Security teams have been actively tracking a large-scale social engineering and extortion campaign against multiple organizations, with some seeing evidence of destructive elements. DEV-0537, also known as LAPSUS$, is known for using a pure extortion and destruction model without deploying ransomware payloads. For more technical and mitigation information, please read the Microsoft Security blog. As Microsoft continues to track DEV-0537’s tactics and techniques, we are also sharing guidance, detections and hunting queries to help our customers better defend against this threat through our security products.

Note: Security Threat Essentials contains security content that is relevant for DEV-0537. Please install the solution to enhance your security posture.

Data Connectors

This solution does not include data connectors.

This solution may contain other components such as analytics rules, workbooks, hunting queries, or playbooks.

Content Items

This solution includes 1 content item(s):

| Content Type | Count |
| --- | --- |
| Hunting Queries | 1 |

Hunting Queries

| Name | Tactics | Tables Used |
| --- | --- | --- |
| test | Test | - |
