Security Blogs

This blog, the Splunk Threat Research Team (STRT) showcases a year's evolution of QakBot. We also dive into a recent change in tradecraft meant to evade security controls. Last, we reverse engineered the QakBot loader to showcase some of its functions.

We're proud to be one of the early partners of Amazon Security Lake, allowing joint Splunk and AWS customers to efficiently ingest the OCSF-compliant data to help improve threat detection, investigation and response.

We ran over 400,000 instances of malware to see how good ClamAV really is. Here's the data.