Vendor
This rule detects potential data exfiltration attempts on Linux systems using the curl command-line tool to upload files to external servers, potentially indicating unauthorized data transfer.