Tag
medium
advisory
Cisco ASA Logging Message Suppression
2 rules 1 TTP
Detection of 'no logging message' command usage on Cisco ASA devices, potentially indicating an adversary suppressing security-critical log events to evade detection.
ASA +3
defense-evasion
impair-defenses
network
high
advisory
Sysmon Driver Unload via fltMC.exe
2 rules 1 TTP
Detection of the Sysmon filter driver being unloaded via `fltMC.exe`, which can blind security monitoring and allow malicious actions to go undetected.
Splunk Enterprise +3
defense-evasion
impair-defenses
windows