Skip to main content
false
Blogs
Blogs
Blogs

Security Research Blogs

Latest Articles

Security 7 Min Read

Threat Update: AwfulShred Script Wiper
The Splunk Threat Research Team shares their findings on the Linux-targeted destructive payload AwfulShred.
Security 15 Min Read

These Are The Drivers You Are Looking For: Detect and Prevent Malicious Drivers
The Splunk Threat Research Team explores how to detect and prevent malicious drivers and discusses Splunk Security Content available to defend against these types of attacks.
Security 3 Min Read

Level Up Your Cybersecurity with Risk-Based Alerting
In our first blog in the Splunk RBA series, we introduced Risk-Based Alerting (RBA) and covered the basic principles of RBA. In the rest of this series, we explain how you can plan and then implement RBA within your organization.
Security 4 Min Read

The State of Security 2023: Collaboration Is Essential For Building Resilience

Explore the trends and findings in our new report, The State of Security 2023, detailing research on the challenges and opportunities ahead for security leaders and teams.
Security 9 Min Read

Splunk Insights: Investigating the 3CXDesktopApp Supply Chain Compromise
In this Splunk blog post, we aim to equip defenders with the necessary tools and strategies to actively hunt down and counteract this campaign. Additionally, we will offer some resilient analytic ideas that can serve as a foundation for future threat detection and response efforts.
Security 9 Min Read

AsyncRAT Crusade: Detections and Defense
The Splunk Threat Research Team explores detections and defense against the Microsoft OneNote AsyncRAT malware campaign.
Security 11 Min Read

Breaking the Chain: Defending Against Certificate Services Abuse
Explore the common certificate abuses leveraged by current and relevant adversaries in the wild, the multiple methods they use to obtain certificates, how to gather relevant logs and ways to mitigate adversaries stealing certificates.
Security 8 Min Read

Fantastic IIS Modules and How to Find Them
This blog showcases how to enable and ingest IIS operational logs, utilize PowerShell scripted inputs to ingest installed modules and simulate AppCmd and PowerShell adding new IIS modules and disable HTTP logging using Atomic Red Team.
Security 13 Min Read

From Registry With Love: Malware Registry Abuses
The Splunk Threat Research Team explores the common Windows Registry abuses leveraged by current and relevant malware families in the wild and how to detect them.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Patents
Privacy
Sitemap
Website Terms of Use

© 2005 - 2024 Splunk Inc. All rights reserved.