Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New Rule: X (Twitter) Impersonation with Credential Phishing motives #676

Merged
merged 5 commits into from
Oct 19, 2023
Merged

New Rule: X (Twitter) Impersonation with Credential Phishing motives #676

merged 5 commits into from
Oct 19, 2023

Conversation

morriscode
Copy link
Member

No description provided.

@morriscode
Copy link
Member Author

/update-test-rules

github-actions bot pushed a commit that referenced this pull request Aug 21, 2023
Sync from PR#676
e0976e8 
New Rule: X (Twitter) Impersonation with Credential Phishing motives by @morriscode
#676
Source SHA 0ef157e
Triggered by @morriscode
rw-access
rw-access reviewed Aug 22, 2023
View reviewed changes
detection-rules/impersonation_x_with_credphish_nlu.yml
Comment on lines +2 to +5
description: |
This rule is designed to identify impersonation attempts by analyzing the display name or sender's
local part for the solitary use of "X" provided the email doesn't originate from twitter.com or x.com.
Natural Language Understanding (NLU) is used to check for credential theft requiring a medium-to-high confidence level for flagging.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I saw some tweets/xeets about this one, worth adding anything to references?

@morriscode morriscode enabled auto-merge (squash) October 19, 2023 19:50
@morriscode morriscode merged commit b69fef6 into sublime-security:main Oct 19, 2023
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rw-access rw-access rw-access left review comments

@bfilar bfilar bfilar approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@morriscode @bfilar @rw-access