The Splunk SURGe team offers a closer look into the Follina MS Office RCE, including a breakdown of what happened, how to detect it, and MITRE ATT&CK mappings.
In this Hunting with Splunk episode (part 2 of 2), we focus on, you guessed it, pipes. Pipes are a form of inter-process communication (IPC), which can be used for abuse just like processes can.
In this Hunting with Splunk episode (part 1 of 2), we focus on, you guessed it, pipes. Pipes are a form of inter-process communication (IPC), which can be used for abuse just like processes can.
We read the 'What We Urge You To Do To Protect Against The Threat of Ransomware' memo and Executive Order (EO14028) in depth, and this blog is designed to provide you with the information and takeaways to start acting immediately.