Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Videos

Coffee Talk with SURGe: 2022-MAY-31 Follina MSDT zero day, ransomware roundup, supply chain risk

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk broke down the Follina/MSDT zero day vulnerability (CVE-2022-30190), rounded up the latest ransomware activity, and discussed supply chain risk related to Python and PHP libraries. Mick and Ryan competed in a 60 second charity challenge to explain LOLBins before taking a deep dive into the 2022 Verizon Data Breach Investigations Report.

Coffee Talk with SURGe: 2022-MAY-17 Conti Hits Costa Rica, Cardiologist Ransomware, CISA MSP Alert

Coffee Talk with SURGe! Grab a cup of coffee and join Audra Streetman, Mick Baccio, and special guest Haylee Mills for another episode of Coffee Talk with SURGe. The team from Splunk discussed a ransomware attack that prompted Costa Rica to issue a state of emergency, a cardiologist in Venezuela accused of building ransomware tools, and an alert from CISA warning about cyber threats to MSPs. This week Audra and Haylee competed in a 60 second charity challenge on "certs vs. degrees" in cybersecurity before taking a deep dive into Splunk Risk-Based Alerting.

Splunk Global Research: The State of Security 2022

Splunk's State of Security report for 2022 found that security organizations face more — and more serious — challenges than ever before. Exacerbated by the pressures of the pandemic, the rise of dangerous avenues of attack and a crisis of staff burnout, security teams are dealing with a lot: 78% of security and IT leaders say that remote workers are harder to secure 65% of organizations have reported an uptick in attacks during the pandemic 73% within the industry have reported colleagues quitting due to burnout

Coffee Talk with SURGe! 2022-MAY-03 CISA Top Vulnerabilities, Mandiant Zero-Days, State of Security

Grab a cup of coffee and join Ryan Kovar, Audra Streetman, and Mick Baccio for another episode of Coffee Talk with SURGe. This week the team from Splunk discussed CISA's list of the top exploited vulnerabilities for 2021, Mandiant's analysis of 80 zero-days exploited in the wild last year, and signs the ransomware group REvil may be back in operation. Mick and Ryan competed in a 60 second charity countdown on how to solve the talent crisis in cybersecurity before taking a deep dive into the topic of zero-days and vulnerability mining.

Koffee Talk with Kovar

In this special edition of Koffee Talk, Ryan Kovar discusses the whitepaper titled, “An Empirically Comparative Analysis of Ransomware Binaries” authored by SURGe member Shannon Davis. The research reveals that the average ransomware encryption speed is likely beyond the capabilities of most blue teams to detect and mitigate. Shannon will also explain what this means for network defense. Join Ryan and Shannon for this in-depth discussion with snark, deadpan humor, and a look at SURGe’s next phase of ransomware research.

Coffee Talk with SURGe: 2022-APR-19 MS-RPC Vulnerability, Lazarus, Pipedream

This week Audra Streetman, Ryan Kovar, and Mick Baccio from Splunk discussed the latest security news, including the MS-RPC vulnerability CVE 2022 26809, a CISA alert about the North Korean state-sponsored Lazarus Group, and Sunday's 60 Minutes episode on the threat of Russian cyberattacks targeting U.S. critical infrastructure. Mick and Ryan also competed in a 60 second charity challenge to explain why Americans should be concerned about the potential for a Russian cyberattack targeting U.S. critical infrastructure.

Coffee Talk with SURGe: 2022-APR-05 State Department, Elections, Spring4Shell, Certs/Lapsus$, RSA!

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news and compete in a 60 second charity challenge. You don't want to miss it!

An Analysis of Ransomware Encryption Speeds by Splunk SURGe

Did you know the median time for ransomware to encrypt nearly 100,000 files is 42 minutes and 52 seconds? This speed is likely beyond the capabilities of most organizations to respond effectively before encryption is complete. These findings are the result of research published by SURGe, Splunk’s strategic cybersecurity research team.