Suspicious HTTP Redirects

Description

Triggered by detecting sequences in HTTP requests that signify a possible exploit.

Use Case

Advanced Threat Detection, Security Monitoring

Category

Endpoint Compromise, Malware

Alert Volume

High

SPL Difficulty

None

Journey

Stage 2

MITRE ATT&CK Tactics

Initial Access

MITRE ATT&CK Techniques

Drive-by Compromise

MITRE Threat Groups

APT19
APT32
APT37
APT38
BRONZE BUTLER
Dark Caracal
Darkhotel
Dragonfly
Dragonfly 2.0
Elderwood
Lazarus Group
Leafminer
PLATINUM
PROMETHIUM
Patchwork
RTM
Threat Group-3390
Turla
Windshift

Data Sources

Web Proxy