Tag
high
advisory
ScreenConnect 26.1 Cryptographic Material Protection Vulnerability
2 rules 1 TTPScreenConnect version 26.1 has a vulnerability related to the insufficient protection of server-level cryptographic material, potentially allowing unauthorized access and data compromise.
screenconnect
vulnerability
cryptographic-material
2r
1t
medium
advisory
Suspicious ScreenConnect Client Child Process Activity
2 rules 11 TTPs 2 CVEsThis rule identifies suspicious child processes spawned by ScreenConnect client processes, potentially indicating unauthorized access and command execution abusing ScreenConnect remote access software to perform malicious activities such as data exfiltration or establishing persistence.
Elastic Defend +3
command-and-control
defense-evasion
execution
persistence
screenconnect
2r
11t
2c