Gentlemen Ransomware Campaign: New Hunting Queries for EtherRAT/TukTuk IOCs and Web3 C2 Infrastructure

Two hunting queries were added that target Gentlemen ransomware campaign artifacts, including payload hashes and the decentralized Web3/SaaS C2 infrastructure used by the EtherRAT and TukTuk malware.

Azure Firewall Detection Quality Overhaul: Enhanced Alert Context and Reduced Query Costs

Comprehensive quality improvements to 11 Azure Firewall detections and 5 hunting queries add entity mappings, custom details, and query optimizations to reduce false positives and improve incident context.