diff --git a/detections/sigma/ninjarmm_network_sigma.yml b/detections/sigma/ninjarmm_network_sigma.yml
index 01730dbe..81a5a57c 100644
--- a/detections/sigma/ninjarmm_network_sigma.yml
+++ b/detections/sigma/ninjarmm_network_sigma.yml
@@ -9,6 +9,18 @@ detection:
     - '*.ninjaone.com'
     - resources.ninjarmm.com
     - ninjaone.com
+    - ninjarmm.net
+    - '*.ninjarmm.net'
+    - rmmservice.eu
+    - '*.rmmservice.eu'
+    - rmmservice.eu
+    - '*.rmmservice.eu'
+    - rmmservice.com.au
+    - '*.rmmservice.com.au'
+    - rmmservice.ca
+    - '*.rmmservice.ca'
+    - ninja-backup.com
+    - '*.ninja-backup.com'
   condition: selection
 id: 36fd47e6-13f9-4eb0-a826-8f34e3e1dc0e
 status: experimental
diff --git a/yaml/ninjarmm.yaml b/yaml/ninjarmm.yaml
index 0a3a32bf..659e4f7f 100644
--- a/yaml/ninjarmm.yaml
+++ b/yaml/ninjarmm.yaml
@@ -32,6 +32,18 @@ Artifacts:
     - '*.ninjaone.com'
     - resources.ninjarmm.com
     - ninjaone.com
+    - ninjarmm.net
+    - '*.ninjarmm.net'
+    - rmmservice.eu
+    - '*.rmmservice.eu'
+    - rmmservice.eu
+    - '*.rmmservice.eu'
+    - rmmservice.com.au
+    - '*.rmmservice.com.au'
+    - rmmservice.ca
+    - '*.rmmservice.ca'
+    - ninja-backup.com
+    - '*.ninja-backup.com'
     Ports: []
 Detections:
 - Sigma: https://github.com/magicsword-io/LOLRMM/blob/main/detections/sigma/ninjarmm_network_sigma.yml