Tag
This brief details a Sigma rule designed to detect Antivirus alerts flagging various malicious Remote Access Tools (RATs) such as AgentTesla, AsyncRAT, and NanoCore, highlighting the critical need for investigation into the initial infection vector even when the AV blocks the threat.