Outlook EnableUnsafeClientMailRules Setting Enabled - Registry (6763c6c8-bd01-4687-bc8d-4fa52cf8ba08)
Detects an attacker trying to enable the outlook security setting "EnableUnsafeClientMailRules" which allows outlook to run applications or execute macros
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) | Attack Pattern | Outlook EnableUnsafeClientMailRules Setting Enabled - Registry (6763c6c8-bd01-4687-bc8d-4fa52cf8ba08) | Sigma-Rules | 1 |