![X पर Florian Roth: "Sigma rule to detect Rubeus usage in proc creation events Getting covered: - Windows process creation Event ID 4688 / Sysmon ID 1 - Forward to SIEM - X पर Florian Roth: "Sigma rule to detect Rubeus usage in proc creation events Getting covered: - Windows process creation Event ID 4688 / Sysmon ID 1 - Forward to SIEM -](https://pbs.twimg.com/media/DuxDFenWkAAG36a.jpg)
X पर Florian Roth: "Sigma rule to detect Rubeus usage in proc creation events Getting covered: - Windows process creation Event ID 4688 / Sysmon ID 1 - Forward to SIEM -
![FireEye has been hacked, and their red team tools stolen. They've released the detection/countermeasures on their GitHub! : r/netsec FireEye has been hacked, and their red team tools stolen. They've released the detection/countermeasures on their GitHub! : r/netsec](https://external-preview.redd.it/ZuBxvjC1bN1pRibL0jQQNlm13lzQWcBBilRuAqASqrg.jpg?auto=webp&s=7fac264f2295a3c0ded10312223d56201e7bf4e9)
FireEye has been hacked, and their red team tools stolen. They've released the detection/countermeasures on their GitHub! : r/netsec
![GitHub - VbScrub/Rubeus-GUI: GUI alternative to the Rubeus command line tool, for all your Kerberos exploit requirements GitHub - VbScrub/Rubeus-GUI: GUI alternative to the Rubeus command line tool, for all your Kerberos exploit requirements](https://raw.githubusercontent.com/VbScrub/Rubeus-GUI/GUI-master/Rubeus04.png)