[Feature Request] Suspicious Hidden Child Process of Launchd

Question

[Feature Request] Suspicious Hidden Child Process of Launchd

MikhailKasimov opened this issue a year ago · 1 comments

[1] https://www.elastic.co/guide/en/security/current/suspicious-hidden-child-process-of-launchd.html
[2] https://community.emergingthreats.net/t/ruleset-update-summary-2023-10-24-v10447/1062:

2048894 - ET HUNTING MacOS Process List in HTTP POST Request (/sbin/launchd) M1 (hunting.rules)
2048895 - ET HUNTING MacOS Process List in HTTP POST Request (/sbin/launchd) M2 (hunting.rules)

Answer 1 · 2023-10-25T01:02:19.000Z

Done in: 7668f35