Case:
Updates on:
UB4.C1 – Web Surfing
UB4.C2 – Web Actions
Known Interactions:
UB4.C1.K3 – Use distinct browsers
UB4.C2.K1 – Click on Web Links
UB4.C2.K2 – Download Files
Protection:
UB4.C2.K1.P1 – Use a link checker
UB4.C2.K2.P1 – Validate File Extensions
UB4.C2.K2.P2 – Validate File Hashes with Threat Intelligence Sources
Threat:
UB4.C2.K1.T1 – Phishing and Fake Login Pages
UB4.C2.K2.T1 – Download Malicious Files
KQL Query:
Identify hotspot connections shared via iPhone
(UB2.C2.K1.T1 – WiFi managed by malicious actors)