JerryLinLinLin/Huorong-ATP-Rules v0.1.10

on GitHub

更新日志

• 修复 Ransom.DoubleExt.A 规则对于WPS的误报
• 调整 Suspicious.PowerShell.A 规则
• 调整 Suspicious.ScriptHost.A 规则
• 调整 Suspicious.AppCertDLLs.A 规则，默认不启用

What's Changed

• Fix WPS false positives of Ransom.DoubleExt.A rule
• Adjust Suspicious.PowerShell.A rule
• Adjust Suspicious.ScriptHost.A rule
• Adjust Suspicious.AppCertDLLs.A rule, default to be OFF

Full Changelog: v0.1.9...v0.1.10