Companies are under more threat than ever. The rise in cyber threats is alarming: 2021 saw a 30% increase in cyberattacks compared with 2020. Even sophisticated systems with complex countermeasure technologies for security may be vulnerable to attack. Many organizations turn to hackers to counteract these threats. Ethical hackers use the tools and methods of malicious actors to help companies pinpoint their weaknesses and build a more resilient and secure system.

For a long time, security and development were two distinct aspects of programming. As organizations started to leverage software and technology as differentiating factors, the speed and quality of development became more important than ever. Organizations no longer had time after development was complete to address security vulnerabilities. Catching vulnerabilities too late opens companies up to unnecessary risk and can be costly to fix.

It was another eventful year for security professionals in 2022. The year began on the tail of the Log4j vulnerability, data breaches were on the rise, and ransomware attacks were as prevalent as ever. So it’s safe to say cyber resilience is required to be at the forefront for public sector leaders.

I am sure many of you have heard the term “cybersecurity is a team sport.” If you haven’t, I say get on the right team. Security is a complex, ever-changing game of skill and preparedness (never chance). As we like to say here at Splunk, it is all about cyber resilience. To best be prepared to win this game, we need the best team. As with any team sport, there really needs to be other teams - after all what fun is it playing by yourself?

The Windows Registry is one of the most powerful Windows operating system features that can tweak or manipulate Windows policies and low-level configuration settings. Because of this capability, most malware or adversaries abuse this hierarchical database to perform malicious tasks on a victim host or environment. Over the last 2 years, the Splunk Threat Research Team has analyzed and reverse engineered some of the most prevalent and successful malware families.

Cross-Site Scripting (XSS) attacks are bad news. And they can affect lots of people, often unknowingly. Chief among the top cybersecurity threats affecting users worldwide, any website with unsafe elements can become vulnerable to XSS attacks — making visitors to that website unwitting cyberattack victims. To secure your website from XSS attacks, you must first know what they are.

The Splunk Threat Research Team (STRT) is happy to release v3.0 of the Splunk Attack Range. Splunk Attack Range is an open source project that allows security teams to spin up a detection development environment to emulate adversary behavior and use the generated telemetry data to build detections in Splunk. This blog highlights the new features introduced in version 3.0 to help build resilient, high-quality detections.