Security | Threat Detection | Cyberattacks | DevSecOps | Compliance


Threat Update: Industroyer2

The Splunk Threat Research Team (STRT) continues to monitor new relevant payloads to the ongoing conflict in Eastern Europe. One of these new payloads was found by the Ukranian CERT named “Industroyer2.” The name of this new payload references the original "Industroyer" malicious payload used against the country of Ukraine's power grid in 2016 and allegedly was able to affect a fifth of the power capacity of the city of Kyiv.

Penetration Testing: Practical Introduction & Tutorials

You’ve built an awesome business — it is booming and making money. You’ve streamlined all the processes and operations. Business is good. But, when you build something great, it attracts cyber criminals. Your business is valuable to you and cybercriminals can leverage it. That’s why security is important. You can use different security approaches to secure your application, infrastructure and network. In this post we’ll focus on one such approach: penetration testing.

Truth in Malvertising?

Splunk SURGe recently released a whitepaper, blog, and video that outline the encryption speeds of 10 different ransomware families. Early in our research, during the literature review phase, we came across another group that conducted a similar study on ransomware encryption speeds. Who was this group you ask? Well, it was actually one of the ransomware crews themselves.

Coffee Talk with SURGe: 2022-MAY-31 Follina MSDT zero day, ransomware roundup, supply chain risk

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk broke down the Follina/MSDT zero day vulnerability (CVE-2022-30190), rounded up the latest ransomware activity, and discussed supply chain risk related to Python and PHP libraries. Mick and Ryan competed in a 60 second charity challenge to explain LOLBins before taking a deep dive into the 2022 Verizon Data Breach Investigations Report.

Publish Your Splunk SOAR Apps Faster

The process for our technology partners to publish their SOAR Apps to Splunkbase just got faster and simpler. App updates are now automatically pulled from our partners’ GitHub repositories into the Splunkbase library in a matter of minutes. With 350+ SOAR Apps on Splunkbase across 200+ partners, this process improvement makes Splunk easier to integrate with and more importantly, provides our customers with even faster access to up-to-date Apps.

Get Extended Security Insights from Chrome Browser with Splunk

The way we work has drastically changed since the start of the pandemic. With more companies adopting remote and hybrid work models, there has been a 600% increase in cybercrime and 65% of organizations have seen a measurable increase in attempted cyberattacks, which is particularly problematic since 78% say remote workers are harder to secure.