Vendor: Apple
June 14, 2023 · View on GitHub
Product: macOS
Use-Case: Lateral Movement
| Rules | Models | MITRE ATT&CK® TTPs | Event Types | Parsers |
|---|---|---|---|---|
| 1 | 0 | 2 | 1 | 1 |
| Event Type | Rules | Models |
|---|---|---|
| local-logon | T1550.003 - Use Alternate Authentication Material: Pass the Ticket ↳ EXPERT-PENTEST-DOMAINS: Possible credentials theft attack detected T1558 - Steal or Forge Kerberos Tickets ↳ EXPERT-PENTEST-DOMAINS: Possible credentials theft attack detected |