Splunk

Threat Update: CaddyWiper

Apr 1, 2022 By Splunk Threat Research Team In Splunk

As the conflict in Eastern Europe continues, the Splunk Threat Research Team (STRT) is constantly monitoring new developments, especially those related to destructive software. As we have showcased in previous releases in relation to destructive software and HermeticWiper, malicious actors modify their TTPs in order to become more effective and achieve their objectives.

Read Post

Splunk

Read more about Threat Update: CaddyWiper

An Analysis of Ransomware Encryption Speeds by Splunk SURGe

Mar 29, 2022 By Splunk In Splunk

Did you know the median time for ransomware to encrypt nearly 100,000 files is 42 minutes and 52 seconds? This speed is likely beyond the capabilities of most organizations to respond effectively before encryption is complete. These findings are the result of research published by SURGe, Splunk’s strategic cybersecurity research team.

View Video

Splunk

Read more about An Analysis of Ransomware Encryption Speeds by Splunk SURGe

Threat Update DoubleZero Destructor

Mar 28, 2022 By Splunk Threat Research Team In Splunk

The Splunk Threat Research Team is actively monitoring the emergence of new threats in the cyber domain of ongoing geopolitical events. As we have shown previously in several releases, including HermeticWiper and CaddyWiper, actors in this campaign are deploying, updating, and modifying stealthier malicious payloads. On March 17th, 2022, the Ukraine CERT discovered a new malicious payload named DoubleZero Destructor (CERT-UA #4243).

Read Post

Splunk

Read more about Threat Update DoubleZero Destructor

Gone in 52 Seconds...and 42 Minutes: A Comparative Analysis of Ransomware Encryption Speed

Mar 23, 2022 By Shannon Davis In Splunk

Do you feel like every other cybersecurity news story mentioned ransomware in 2021? Does it feel like you can’t turn on a cybersecurity podcast and not hear the “R” word? We feel the same way, and as a cybersecurity vendor, we felt that we should also contribute to the noise. :-) But we did want to try and do something different.

Read Post

Splunk

Read more about Gone in 52 Seconds...and 42 Minutes: A Comparative Analysis of Ransomware Encryption Speed

Coffee Talk with SURGe: 2022-MAR-022 Government Cyber Statements, Okta, WiCys, and a deep dive

Mar 23, 2022 By Splunk In Splunk

Bring a cup of coffee and tune in to join the SURGe security team for a recap of cybersecurity news and events, our 60-second charity challenge, and another topic deep dive!

View Video

Splunk

Read more about Coffee Talk with SURGe: 2022-MAR-022 Government Cyber Statements, Okta, WiCys, and a deep dive

Detecting HermeticWiper

Mar 10, 2022 By Splunk Threat Research Team In Splunk

As stated in our previous threat advisory STRT-TA02 in regards to destructive software, past historical data suggests that for malicious actors to succeed in long-standing campaigns they must improve and add new ways of making their payloads stealthier, resistant, and damaging. HermeticWiper introduces some unique features, applying destructive actions on compromised hosts.

Read Post

Splunk

Read more about Detecting HermeticWiper

Coffee Talk with SURGe: 2022-MAR-08 Ukraine, 72 Notice, Ransomware, Days of our lives

Mar 9, 2022 By Splunk In Splunk

Join Splunk's SURGe team for the latest in cybersecurity news, a deep-dive lesson into something near and dear to our hearts, and of course a 60-second charity challenge.

View Video

Splunk

Security

Read more about Coffee Talk with SURGe: 2022-MAR-08 Ukraine, 72 Notice, Ransomware, Days of our lives

Cybersecurity and the war in Ukraine

Mar 7, 2022 By Shawn Bice In Splunk

Like most of us around the world, I’ve been shocked by the current situation in Ukraine. I’m saddened by the images of families being torn apart and fleeing their homes. This brings to mind the story of my own grandmother, who had to leave her native country of Austria, with nothing more than a small bag and my infant mother in her arms.

Read Post

Splunk

Read more about Cybersecurity and the war in Ukraine

Linux Persistence and Privilege Escalation: Threat Research January 2022 Release

Feb 24, 2022 By Splunk Threat Research Team In Splunk

In this January 2022 release, The Splunk Threat Research (STRT) team focused on the recently released Sysmon for Linux technology addition to Splunk. This new add-on opens the door for new ways of monitoring, creating detections, and defending against Linux systems threats. Linux is the most commonly used operating system across the world with approximately 67% of the internet.

Read Post

Splunk

Read more about Linux Persistence and Privilege Escalation: Threat Research January 2022 Release

Qmulos + Splunk Cloud Platform: Why Do Compliance Any Other Way?

Feb 4, 2022 By guest In Splunk

Enterprises continue to embrace cloud technology, some driven by the desire to offload rising hardware costs and operational overhead, others enticed by the promise of scalable, on-demand, practically infinite capacity and capability only a few clicks away.

Read Post

Splunk

Read more about Qmulos + Splunk Cloud Platform: Why Do Compliance Any Other Way?

Subscribe to Splunk

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Splunk

Threat Update: CaddyWiper

An Analysis of Ransomware Encryption Speeds by Splunk SURGe

Threat Update DoubleZero Destructor

Gone in 52 Seconds...and 42 Minutes: A Comparative Analysis of Ransomware Encryption Speed

Coffee Talk with SURGe: 2022-MAR-022 Government Cyber Statements, Okta, WiCys, and a deep dive

Detecting HermeticWiper

Coffee Talk with SURGe: 2022-MAR-08 Ukraine, 72 Notice, Ransomware, Days of our lives

Cybersecurity and the war in Ukraine

Linux Persistence and Privilege Escalation: Threat Research January 2022 Release

Qmulos + Splunk Cloud Platform: Why Do Compliance Any Other Way?

Monthly Archive

Follow Us