==================================================

CREATED: OSX-JAR-EXEC-LIBRARY (#2007)

Description

This detector identifies Java .jar files executing from the Library directory typically found on OSX systems.

==================================================

CREATED: WIN-CMSTP-UAC-BYPASS (#2024)

Description

This detector identifies a User Access Control (UAC) bypass technique by leveraging the CMSTP COM object.

ATT&CK Technique T1191
ATT&CK Technique T1088

Did this answer your question?