Tag
high
advisory
Suspicious Download from File Sharing Website via LOLBins
3 rules 1 TTP 26 IOCsDetection of suspicious downloads from file sharing and content delivery platforms using living-off-the-land binaries (LOLBins) to identify potential initial access, payload staging, or command and control activity.
Windows
lolbin
file-sharing
cisco-nvm
3r
1t
26i
medium
advisory
Suspicious File Download via Headless Browser
2 rules 2 TTPs 26 IOCsAttackers are leveraging Chromium-based browsers in headless mode with the `--dump-dom` argument to download files from file-sharing services and direct IPs, potentially indicative of reconnaissance or malware delivery.
Chrome +2
headless-browser
file-download
cisco-nvm
2r
2t
26i