cd
Toggle Menu
whoami
detection
blog
tags
Detections tagged with
AWS CloudTrail
Jan 11, 2025
AWS CloudTrail - CVE-2024-50603 Potential Exploitation Activity
#KQL
#Sentinel
#AWS CloudTrail
#CVE-2024-50603
#T1203
Jan 12, 2025
AWS CloudTrail - New Access Key Created for Root User
#KQL
#Sentinel
#AWS CloudTrail
#T1556
#T1098.001
Jan 13, 2025
AWS CloudTrail - CloudTrail Log Stopped
#KQL
#Sentinel
#AWS CloudTrail
#T1562
Jan 14, 2025
AWS CloudTrail - Console Login Without MFA
#KQL
#Sentinel
#AWS CloudTrail
#Misconfiguration
#T1078.004
Jan 15, 2025
AWS CloudTrail - Failed Login from Root User
#KQL
#Sentinel
#AWS CloudTrail
#T1078.004
#T1110
Jan 16, 2025
AWS VPC - Changes to Inbound Rules Allowing Management Ports
#KQL
#Sentinel
#AWS CloudTrail
#AWS VPC
#T1562.007
Jan 17, 2025
AWS S3 - Changes to Block Public Access Settings
#KQL
#Sentinel
#AWS CloudTrail
#AWS S3
#T1562.007