Yes, an old #Sigma rule that detect Office programs spawning processes in user folders would have detected #APT28's recent campaign agains Kazakhstan

Yes, an old #Sigma rule that detect Office programs spawning processes in user folders would have detected #APT28's recent campaign agains Kazakhstan