Security

March 01, 2025

3 Minute Read

Security Staff Picks To Read This Month, Handpicked by Splunk Experts

By Tamara Chacon

Hello and welcome! Every month, our Splunk staff of security experts share their favorite reads of the month — this way, you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.

Here, we'll share a variety of articles, original research, presentations, whitepapers, and customer case stories. Topics that may be covered in these hand-picked reads may include:

Cybersecurity news
InfoSec and computer security
Threat hunting and detection engineering
AI & security
Risk management
Emerging trends
And much more!

We've been running this Security Picks series for years, and now we're making some updates: bookmark this URL, because we'll be making all of our recommendations here moving forward. So, anytime you have a little downtime or are wondering what to read to stay on the nose, check out these security articles hand-picked by security experts.

Security articles to read in March 2025

8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur

Author: watchTowr Labs
Recommended by: Jeff Walzer (LinkedIn)

Why we like it: Security 101 - basic misconfigurations still persist that put companies at great risk.

ArgFuscator

Author: Wietz Beukema
Recommended by: Bahvin Patel (LinkedIn)

Why we like it: “Wietze's brilliant project, "ArgFuscator," empowers both red teamers and blue teamers to master the craft of command-line obfuscation for enhanced defense strategies. The primary aim of this initiative is to catalogue and share obfuscation methods used against frequently targeted applications in cyberattacks, enabling users to create their own obfuscated command lines. This is a very neat tool that can help cybersecurity defenders rigorously test and refine their systems, ensuring they can effectively counteract and adapt to obfuscation techniques in real-world scenarios.”

Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning

Author: Ravie Lakshmanan
Recommended by: Zachary Christensen (LinkedIn)

Why we like it: “This article provides an interesting look into a hacking collective that exploited known security vulnerabilities to gain initial access. The group utilized a blend of commercially available malware and infrastructure from cybercriminal communities. Their persistent operations underscore organizations' challenges in detecting and mitigating advanced threats. This is another great reminder to remain vigilant with timely patching of known vulnerabilities.”

DeepSeek AI Fails Multiple Security Tests, Raising Red Flag for Businesses

Author: Elizabeth Montalbano
Recommended by: Mark Stricker (LinkedIn)

Why we like it: “One of the big developments in the last few weeks is the release of the DeepSeek AI Model, which is advanced, open source, and free. But you should always be cautious when something looks too good to be true! This article covers the security concerns around Deepseek and AI models in general. The article provides a good starting point for discussions around cybersecurity as it relates to the LLM models that are being released very frequently these days!”

PowerShell Threat Hunting: Identifying Obfuscation Using Standard Deviation

Author: Manuel Arrieta
Recommended by: Sydney Marrone (LinkedIn)

Why we like it: “PowerShell obfuscation is one of my favorite topics, as it was one of the first techniques I ever dug into as a threat hunter. This article does a solid job of taking our querying to the next level by introducing statistical methods—specifically, standard deviation—to detect suspicious command-line activity. Most detections out there rely on basic string matching, but this approach is next-level and can really help combat the ever-evolving sophistication of attacks. Happy thrunting!”

Jen Easterly On The Future of Cybersecurity and Her Agency's Survival

Author: Lily Newman
Recommended by: Tamara Chacon (@holly1g0lightly)

Why we like it: “Lily Newman of WIRED sits down with outgoing CISA director, Jen Easterly. In the video interview they discuss director Easterly's future, her thoughts and hopes for the future of CISA and cybersecurity in the United States.”

More Security Recommendations & Resources

That rounds out this month’s security reading recommendations! Check back next month for your next to-reads. In the meantime, check out these resources for more security content:

Splunk Security Teams To Follow

SURGe

Splunk Threat Research Team (STRT)

More Recommendations

Threat Hunter Intelligence Report

Welcome to Splunk’s Threat Hunter Intelligence Report, a monthly series brought to you by Splunk’s threat hunting and intelligence (THI) team sharing the latest cybersecurity threats and trends to help organizations stay one step ahead of adversaries, one report at a time.

Security 2 Min Read

Why Detection and Response Holds the Key to Data Protection

Enterprises are changing security spending strategies and moving away from prevention-only to focus on threat detection and response

Security 2 Min Read

Making Sense of the New SEC Cybersecurity Rules and What They Could Mean for Your Company

The United States Securities and Exchange Commission’s (SEC) July 26 approval of new cybersecurity 'incident' disclosure rules is top of mind for every public company, and understanding what it means and how companies will be held accountable is crucial.

About Splunk

The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.

Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.

Learn more about Splunk