Security Research Blogs
Latest Articles
Process Hunting with PSTree
This tutorial shows how to use the pstree command & app to help you look through all the processes you have to investigate.
Security Insights: JetBrains TeamCity CVE-2024-27198 and CVE-2024-27199
The Splunk Threat Research Team examines exploit operations, analytics, hunting queries, and tips on capturing TeamCity logs.
Unveiling Phemedrone Stealer: Threat Analysis and Detections
The Splunk Threat Research Team dissects the Phemedrone Stealer.
Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard
The Splunk Threat Research Team outlines the attack chain detailed in the Microsoft blog, offering practical detection and hunting tips for cybersecurity defenders.
Another Year of RATs and Trojan Stealer: Detection Commonalities and Summary
The Splunk Threat Research Team shares analysis, analytic stories and security detections for seven well-known RAT and Trojan Stealer malware families.
Security Insights: Jenkins CVE-2024-23897 RCE
In response to CVE-2024-23897, the Splunk Threat Research Team has developed new security detections and hunting queries to support defenders.
Security Insights: Tracking Confluence CVE-2023-22527
In response to CVE-2023-22527, the Splunk Threat Research Team has developed new security detections to support defenders.
Unmasking the Enigma: A Historical Dive into the World of PlugX Malware
The Splunk Threat Research Team (STRT) unravels the mystery of a PlugX variant, peeling back the layers of its payload, tactics, and impact on the digital realm.
Take a SIP: A Refreshing Look at Subject Interface Packages
Splunker Michael Haag dives into Subject Interface Packages (SIPs) and their role in Windows security, exploring how SIPs can be exploited by malicious actors to bypass security measures and sign malicious code.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
