Aleks B Community
Support via Micro Focus Software Support, with a ticket filed against the associated product.
Micro Focus offers a content partnership program for select partners. Support for Partner Content offerings is provided by the partner and not by Micro Focus of the Micro Focus community.
Micro Focus Community Content is provided by Micro Focus for the benefit of customers, support for it is not available via Micro Focus Software Support but through specific community content forums.
Community Contributed Content is provided by Micro Focus customers and supported by them.
COVID-19 Security Package from SOC Prime is the set of search queries to detect the most active attacks that were detected during the COVID-19 specific phishing and other threats brought on by increased teleworking.
Rules in the package cover 6 MITRE ATT&CK Techniques:
Rules contributed by Florian Roth, SOC Prime team, @blu3_team, Markus Neis, Daniel Bohannon, Roberto Rodriguez
More details about coronavirus phishing campaign and attacks https://socprime.com/en/blog/covid-19-coronavirus-phishing/
Inside the file, you will find a bunch of search queries to detect threats. Just copy and paste it to Event search in the ArcSight ESM Command Center or Logger.
Related content and resources
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox