Security Blogs

IcedID is a trojan that has been used in recent malicious campaigns and with new defense bypass methods.

Accompanying today’s announcement from CISA (BOD 22-01) and their new Known Exploited Vulnerabilities Catalog, SURGe and Splunk Threat Research Team (STRT) have coordinated to add functionality into Enterprise Security Content Updates (ESCU). This added functionality will help network defenders understand vulnerability context alongside relevant ESCU detections.

Hi everyone! Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, white papers, and customer case studies that we feel are worth a read. This month we decided to switch things up and include some of our favorite .conf21 presentations. We hope you enjoy.