Skip to main content
false
Splunk Blogs
Splunk Blogs
Splunk Blogs

Tag: Security Research

Latest Articles

Security 5 Min Read

Securing DevSecOps - Threat Research Release October 2021

Learn how you can secure your development security operations with pre-built and tested Splunk detections and automated playbooks.
Security 7 Min Read

Detecting Remcos Tool Used by FIN7 with Splunk
The following is a walkthrough of Remcos executed via Attack Range Local. We will go over some of the multiple and intrusive operations this remote access tool can execute at compromised hosts.
Security 8 Min Read

FIN7 Tools Resurface in the Field – Splinter or Copycat?
The Splunk Threat Research team addresses the two tools used by the well-organized and highly-skilled criminal group FIN7 — JSS Loader and Remcos.
Security 12 Min Read

Detecting IcedID... Could It Be A Trickbot Copycat?
IcedID is a trojan that has been used in recent malicious campaigns and with new defense bypass methods.
Security 4 Min Read

High(er) Fidelity Software Supply Chain Attack Detection
Software supply chain attacks are not going away. As our network defenses improve, adversaries must move up the chain to stay a step ahead of our defenses.
.conf & .conf Go 3 Min Read

SURGe: Blue Collar for the Blue Team
Splunk has a new security research team focused on in-depth analysis of the latest cybersecurity news to help the public navigate security incidents with confidence using Splunk.
Security 2 Min Read

No Regrets Using Autoregress
The autoregression command, which is a centralized streaming command, is used to calculate a moving average. Learn how to use this command to gather information, just in time for Boss of the SOC v6!
Security 15 Min Read

Active Directory Discovery Detection: Threat Research Release, September 2021

In this blog post, we’ll walk you through this analytic story, demonstrate how we can simulate these attacks using PoshC2 & PurpleSharp to then collect and analyze the resulting telemetry to test our detections.
Security 4 Min Read

PowerShell Detections — Threat Research Release, August 2021
Adversaries are using PowerShell attacks, but luckily the Splunk Threat Research Team (STRT) has developed PowerShell analytics for Splunk by using the Splunk Attack Range to collect the generated logs, and hunt for suspicious PowerShell.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Patents
Privacy
Sitemap
Website Terms of Use

© 2005 - 2024 Splunk Inc. All rights reserved.