Tag: Security Research

SeriousSAM or CVE-2021-36934 is a Privilege Escalation Vulnerability. The Splunk Threat Research team recommends performing an assessment to better understand the impact of this vulnerability in corporate environments.

Splunk Security Essentials (SSE) is now part of the Splunk security portfolio and fully supported with an active Splunk Cloud or Splunk Enterprise license. Start using SSE and apply prescriptive guidance and deploy pre-built security detections in your Splunk environment.

The Splunk Threat Research Team has assessed several samples of Trickbot, a popular crimeware carrier that allows malicious actors to deliver multiple types of payloads. Use our pre-built Splunk detections to detect Trickbots.

REvil attackers exploited Kaseya, a highly trusted management software. Here's how security leaders can take actionable steps to improve your business's defenses.

On July 2, 2021, REvil group used Kaseya to distribute malware to its on-premises customers. Splunk has pushed out guidance to help understand and detect REvil. Learn more about the REvil ransomeware group, their tactics, and how to detect them using Splunk.

Announcing the new Splunk Security Cloud – the only data-centric modern security operations platform that delivers enterprise-grade advanced security analytics, automated security operations, and threat intelligence with an open, unparalleled ecosystem.

The Splunk Threat Research team walks you through a new analytic story to help SOC analysts detect adversaries executing password spraying attacks, and highlights a few detections from the May 2021 releases.

Learn more about Splunk Dashboard Studio, a new and intuitive dashboard-building experience, with native capabilities for customizing layout or colors, and adding images or text boxes.

Discover how threat intelligence can offer valuable insights to help fend off future attacks, no matter how covert or cunning they appear to be.