Security Blogs
Latest Articles
template
category
category
security
Threat Update DoubleZero Destructor
The Splunk Threat Research Team shares a closer look at a new malicious payload named DoubleZero Destructor (CERT-UA #4243).
Staff Picks for Splunk Security Reading March 2022
Check out our Splunk security experts' curated list of presentations, white papers, and customer case studies that we feel are worth a read in the month of March.
Gone in 52 Seconds…and 42 Minutes: A Comparative Analysis of Ransomware Encryption Speed
With the release of SURGe's new ransomware research, Splunker Shannon Davis shares a closer look into measuring how fast ransomware encrypts files.
Ransomware Encrypts Nearly 100,000 Files in Under 45 Minutes
Splunk SURGe Report reveals the need for ransomware prevention over response and mitigation.
Detecting HermeticWiper
Detecting HermeticWiper destructive software and ransomware decoy with Splunk.
Deep Dive on Persistence, Privilege Escalation Technique and Detection in Linux Platform
Deep dive with the Splunk Threat Research Team on Linux Privilege Escalation and Linux Persistence Techniques.
Linux Persistence and Privilege Escalation: Threat Research January 2022 Release
In this January 2022 release, The Splunk Threat Research (STRT) team focused on the recently released Sysmon for Linux technology addition to Splunk.
Staff Picks for Splunk Security Reading February 2022
Each month, Splunk security experts curate a list of news articles, research, white papers, and customer case studies that we feel are worth a read. We hope you enjoy!
Introducing Synthetic Adversarial Log Objects (SALO)
Synthetic Adversarial Log Objects (SALO) is a framework for the generation of log events without the need for infrastructure or actions to initiate the event that causes a log event. Learn more about its purpose and how you can utilize it.