Security

December 01, 2024

2 Minute Read

Security Staff Picks To Read This Month, Handpicked by Splunk Experts

By Tamara Chacon

Hello and welcome! Every month, our Splunk staff of security experts share their favorite reads of the month — this way, you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.

Here, we'll share a variety of articles, original research, presentations, whitepapers, and customer case stories. Topics that may be covered in these hand-picked reads may include:

Cybersecurity news
InfoSec and computer security
Threat hunting and detection engineering
AI & security
Risk management
Emerging trends
And much more!

We've been running this Security Picks series for years, and now we're making some updates: bookmark this URL, because we'll be making all of our recommendations here moving forward. So, anytime you have a little downtime or are wondering what to read to stay on the nose, check out these security articles hand-picked by security experts.

Security Articles To Read in November 2024

1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

Author: Daniel Hamid aka hackermondev
Recommended by: Rob Frey (LinkedIn)

Why we like it: What were you doing when you were 15 years old?

New Chrome, Safari, Firefox, Edge Warning—Do Not Shop On These Websites

Author: Zak Doffman
Recommended by: Steve Johnson (LinkedIn)

Why we like it: “With black friday and christmas coming up, typo squatters and other similar url mimics are waiting to steal your credit card and personal info. There are upwards of 4,000 malicious domains.”

Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack

Author: Andy Greenberg
Recommended by: Steve Johnson (LinkedIn)

Why we like it: “GRU daisy chains wi-fi networks to hack into target”

Global Companies Are Unknowingly Paying North Koreans: Here’s How to Catch Them

Author: Evan Gordenker
Recommended by: Audra Streetman (@audrastreetman / @audrastreetman@infosec.exchange)

Why we like it: “Organizations are becoming more aware of the DPRK IT worker scheme, which not only violates international sanctions, but is also a significant insider threat. To help companies detect DPRK operatives, Palo Alto’s Unit 42 released a strategy that combines IT asset management, contextual analysis, security awareness, and risk matrices. The blog also features a list of additional resources from government agencies, news organizations, and security researchers.”

You Too Can Write a Book!

Author: Shriram Krishnamurthi
Recommended by: David Montero-Suárez (LinkedIn)

Why we like it: “We Information Security professionals write a lot! Reports, ticket comments, chats... Our work almost always takes the form of text and is based on text. If we were to compile a fraction of all that, we would easily come up with a book. It may not be a best seller or college textbook, but it would certainly impact a few that resonate as well with our unique point of view, contributing wonders towards building the overall InfoSec community mindset, culture, and values.”

Zero-Click Flaw Exposes Potentially Millions of Popular Storage Devices to Attack

Author: Kim Zetter
Recommended by: Tamara Chacon (@holly1g0lightly)

Why we like it: “This blog from the amazing Kim Zetter discusses a critical zero-click vulnerability in Synology NAS devices, specifically within the SynologyPhotos app. Which allows attackers to exploit internet-connected devices without user interaction, risking data theft, ransomware, and backdoor installations.”

More Security Recommendations & Resources

That rounds out this month’s security reading recommendations! Check back next month for your next to-reads. In the meantime, check out these resources for more security content:

Splunk Security Teams To Follow

SURGe

Splunk Threat Research Team (STRT)

More Recommendations

Observability Meets Security: Tracing that Connection

Splunker James Hodgkinson looks at how you can use traces to see directly into the workings of an application to find a potential threat.

Security 3 Min Read

Staff Picks for Splunk Security Reading December 2020

These monthly postings will feature the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read. If you would like to read other months, please take a peek at previous posts in the "Staff Picks" series!

Security 2 Min Read

Using Splunk Attack Range to Test and Detect Data Destruction (ATT&CK 1485)

Using Splunk Attack Range to test and detect Data Destruction techniques

About Splunk

The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.

Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.

Learn more about Splunk