Truth in Malvertising?
The Splunk SURGe team tests the veracity of the findings from LockBit's February 2021 study on ransomware encryption speeds.
RCE à La Follina (CVE-2022-30190)
The Splunk SURGe team offers a closer look into the Follina MS Office RCE, including a breakdown of what happened, how to detect it, and MITRE ATT&CK mappings.
Gone in 52 Seconds…and 42 Minutes: A Comparative Analysis of Ransomware Encryption Speed
With the release of SURGe's new ransomware research, Splunker Shannon Davis shares a closer look into measuring how fast ransomware encrypts files.
EO, EO, It’s Off to Work We Go! (Protecting Against the Threat of Ransomware with Splunk)
We read the 'What We Urge You To Do To Protect Against The Threat of Ransomware' memo and Executive Order (EO14028) in-depth, and this blog is designed to provide you with the information and takeaways to start acting immediately.
Automated Clean-up of HAFNIUM Shells and Processes with Splunk Phantom
Implement security playbooks to automatically delete Microsoft Exchange Webshells and terminate W3WP spawned processes with Splunk Phantom.
Macros, We Don’t Need No Stinking Macros! — Featuring the New Microsoft O365 Email Add-On
Using Microsoft O365 for your emails? Take a look at the new Microsoft O365 Email Add-on for Splunk to start getting in-depth security and non security data from your emails today.
