Skip to main content
false
Footer icon fix, PDB mobile header fix, list css fix
shared header v2
Lucid Search Bar Implementation
Push Down Banner V1 Analytics Patch (3/18/24), remove it if not using v1
Global nav V2 patch, remove after adding the mobile languages fix in the codebase (S7 or S8)
transitional logo header/footer patch

Security Research Blogs

Latest Articles

Security 9 Min Read

Security Insights: JetBrains TeamCity CVE-2024-27198 and CVE-2024-27199

The Splunk Threat Research Team examines exploit operations, analytics, hunting queries, and tips on capturing TeamCity logs.
Security 11 Min Read

Unveiling Phemedrone Stealer: Threat Analysis and Detections

The Splunk Threat Research Team dissects the Phemedrone Stealer.
Security 11 Min Read

Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard

The Splunk Threat Research Team outlines the attack chain detailed in the Microsoft blog, offering practical detection and hunting tips for cybersecurity defenders.
Security 9 Min Read

Another Year of RATs and Trojan Stealer: Detection Commonalities and Summary

The Splunk Threat Research Team shares analysis, analytic stories and security detections for seven well-known RAT and Trojan Stealer malware families.
Security 5 Min Read

Security Insights: Jenkins CVE-2024-23897 RCE

In response to CVE-2024-23897, the Splunk Threat Research Team has developed new security detections and hunting queries to support defenders.
Security 6 Min Read

Security Insights: Tracking Confluence CVE-2023-22527

In response to CVE-2023-22527, the Splunk Threat Research Team has developed new security detections to support defenders.
Security 8 Min Read

Unmasking the Enigma: A Historical Dive into the World of PlugX Malware

The Splunk Threat Research Team (STRT) unravels the mystery of a PlugX variant, peeling back the layers of its payload, tactics, and impact on the digital realm.
Security 10 Min Read

Take a SIP: A Refreshing Look at Subject Interface Packages

Splunker Michael Haag dives into Subject Interface Packages (SIPs) and their role in Windows security, exploring how SIPs can be exploited by malicious actors to bypass security measures and sign malicious code.
Security 10 Min Read

More Than Just a RAT: Unveiling NjRAT's MBR Wiping Capabilities

The Splunk Threat Research Team (STRT) provides a deep-dive analysis of NjRAT (or Bladabindi), a Remote Access Trojan (RAT) discovered in 2012 that's still active today.