Truth in Malvertising?
The Splunk SURGe team tests the veracity of the findings from LockBit's February 2021 study on ransomware encryption speeds.
RCE à La Follina (CVE-2022-30190)
The Splunk SURGe team offers a closer look into the Follina MS Office RCE, including a breakdown of what happened, how to detect it, and MITRE ATT&CK mappings.
Gone in 52 Seconds…and 42 Minutes: A Comparative Analysis of Ransomware Encryption Speed
With the release of SURGe's new ransomware research, Splunker Shannon Davis shares a closer look into measuring how fast ransomware encrypts files.
Listen To Those Pipes: Part 2
In this Hunting with Splunk episode (part 2 or 2), we focus on, you guessed it, pipes. Pipes are a form of inter-process communication (IPC), which can be used for abuse just like processes can.
Listen To Those Pipes: Part 1
In this Hunting with Splunk episode (part 1 or 2), we focus on, you guessed it, pipes. Pipes are a form of inter-process communication (IPC), which can be used for abuse just like processes can.
EO, EO, It’s Off to Work We Go! (Protecting Against the Threat of Ransomware with Splunk)
We read the 'What We Urge You To Do To Protect Against The Threat of Ransomware' memo and Executive Order (EO14028) in-depth, and this blog is designed to provide you with the information and takeaways to start acting immediately.
