2022-08-25splunkSplunk Threat Research Team
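% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the product name is brace-protected.
@online{team:20220825:applocker:7ed5b33,
  author       = {{Splunk Threat Research Team}},
  title        = {{AppLocker} Rules as Defense Evasion: Complete Analysis},
  date         = {2022-08-25},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/-applocker-rules-as-defense-evasion-complete-analysis.html},
  language     = {English},
  urldate      = {2022-08-30},
}
AppLocker Rules as Defense Evasion: Complete Analysis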
Azorult
2022-07-26splunkSplunk Threat Research Team
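% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the acronym is brace-protected.
@online{team:20220726:ml:048aaa9,
  author       = {{Splunk Threat Research Team}},
  title        = {{ML} Detection of Risky Command Exploit},
  date         = {2022-07-26},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/ml-detection-of-risky-command-exploit.html},
  language     = {English},
  urldate      = {2022-08-22},
}
ML Detection of Risky Command Exploit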
2022-06-23splunkSplunk Threat Research Team
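% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the malware name is brace-protected.
@online{team:20220623:threat:c75f097,
  author       = {{Splunk Threat Research Team}},
  title        = {Threat Update: {Industroyer2}},
  date         = {2022-06-23},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/threat-update-industroyer2.html},
  language     = {English},
  urldate      = {2022-08-22},
}
Threat Update: Industroyer2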
INDUSTROYER2
2022-05-19splunkSplunk Threat Research Team
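% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the malware name is brace-protected.
@online{team:20220519:threat:63b1c42,
  author       = {{Splunk Threat Research Team}},
  title        = {Threat Update: {AcidRain} Wiper},
  date         = {2022-05-19},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/threat-update-acidrain-wiper.html},
  language     = {English},
  urldate      = {2022-05-29},
}
Threat Update: AcidRain Wiper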
AcidRain
2022-04-15splunkSplunk Threat Research Team
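% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the advisory id and acronym are brace-protected.
@online{team:20220415:strtta03:9292c09,
  author       = {{Splunk Threat Research Team}},
  title        = {{STRT-TA03} {CPE} - Destructive Software},
  date         = {2022-04-15},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/strt-ta03-cpe-destructive-software.html},
  language     = {English},
  urldate      = {2022-04-29},
}
STRT-TA03 CPE - Destructive Software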
AcidRain CyclopsBlink
2022-04-07splunkSplunk Threat Research Team
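% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; both spellings of the process name in the title
% are brace-protected so a sentence-casing style keeps them as published.
@online{team:20220407:you:2d088bc,
  author       = {{Splunk Threat Research Team}},
  title        = {You Bet Your {Lsass}: Hunting {LSASS} Access},
  date         = {2022-04-07},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/you-bet-your-lsass-hunting-lsass-access.html},
  language     = {English},
  urldate      = {2022-05-04},
}
You Bet Your Lsass: Hunting LSASS Access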
Cobalt Strike MimiKatz
2022-04-01splunkSplunk Threat Research Team
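% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the malware name is brace-protected.
@online{team:20220401:threat:1955941,
  author       = {{Splunk Threat Research Team}},
  title        = {Threat Update: {CaddyWiper}},
  date         = {2022-04-01},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/threat-update-caddywiper.html},
  language     = {English},
  urldate      = {2022-04-12},
}
Threat Update: CaddyWiper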
CaddyWiper
2022-03-28splunkSplunk Threat Research Team
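% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the malware name is brace-protected.
@online{team:20220328:threat:5310e19,
  author       = {{Splunk Threat Research Team}},
  title        = {Threat Update {DoubleZero} Destructor},
  date         = {2022-03-28},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/threat-update-doublezero-destructor.html},
  language     = {English},
  urldate      = {2022-03-30},
}
Threat Update DoubleZero Destructor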
DoubleZero
2022-03-10splunkSplunk Threat Research Team
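% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the malware name is brace-protected.
@online{team:20220310:detecting:d1cb280,
  author       = {{Splunk Threat Research Team}},
  title        = {Detecting {HermeticWiper}},
  date         = {2022-03-10},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/detecting-hermeticwiper.html},
  language     = {English},
  urldate      = {2022-03-22},
}
Detecting HermeticWiper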
HermeticWiper PartyTicket
2022-01-27splunkSplunk Threat Research Team
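% Same article as the entry keyed team:20220127:threat:ea9f405: the two records differ
% only in the ?splunk query suffix on the URL and in the access date. Cite one key
% consistently so the work is not listed twice in a bibliography.
% The team name is double-braced so it is kept as one corporate author.
@online{team:20220127:threat:6829079,
  author       = {{Splunk Threat Research Team}},
  title        = {Threat Advisory: {STRT-TA02} - Destructive Software},
  date         = {2022-01-27},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/threat-advisory-strt-ta02-destructive-software.html?splunk},
  language     = {English},
  urldate      = {2022-02-02},
}
Threat Advisory: STRT-TA02 - Destructive Software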
WhisperGate
2022-01-27splunkSplunk Threat Research Team
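% Same article as the entry keyed team:20220127:threat:6829079, whose URL carries an
% extra ?splunk query suffix; this record holds the plain URL. Cite one key
% consistently so the work is not listed twice in a bibliography.
% The team name is double-braced so it is kept as one corporate author.
@online{team:20220127:threat:ea9f405,
  author       = {{Splunk Threat Research Team}},
  title        = {Threat Advisory: {STRT-TA02} - Destructive Software},
  date         = {2022-01-27},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/threat-advisory-strt-ta02-destructive-software.html},
  language     = {English},
  urldate      = {2022-02-01},
}
Threat Advisory: STRT-TA02 - Destructive Software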
WhisperGate
2022-01-10splunkSplunk Threat Research Team
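% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the malware name and the month are brace-protected.
@online{team:20220110:detecting:a46a6e5,
  author       = {{Splunk Threat Research Team}},
  title        = {Detecting Malware Script Loaders using {Remcos}: Threat Research Release {December} 2021},
  date         = {2022-01-10},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/detecting-malware-script-loaders-using-remcos-threat-research-release-december-2021.html},
  language     = {English},
  urldate      = {2022-01-25},
}
Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021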
Remcos
2021-11-11splunkSplunk Threat Research Team
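% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the group name is brace-protected.
% The title contains a non-ASCII en dash, so the file must be processed as UTF-8.
@online{team:20211111:fin7:cd0d233,
  author       = {{Splunk Threat Research Team}},
  title        = {{FIN7} Tools Resurface in the Field – Splinter or Copycat?},
  date         = {2021-11-11},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/fin7-tools-resurface-in-the-field-splinter-or-copycat.html},
  language     = {English},
  urldate      = {2021-11-12},
}
FIN7 Tools Resurface in the Field – Splinter or Copycat?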
JSSLoader Remcos
2021-11-04splunkSplunk Threat Research Team
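% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the two malware names are brace-protected.
@online{team:20211104:detecting:d8aba5b,
  author       = {{Splunk Threat Research Team}},
  title        = {Detecting {IcedID}... Could It Be A {Trickbot} Copycat?},
  date         = {2021-11-04},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/detecting-icedid-could-it-be-a-trickbot-copycat.html},
  language     = {English},
  urldate      = {2021-11-08},
}
Detecting IcedID... Could It Be A Trickbot Copycat?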
IcedID
2021-07-21splunkSplunk Threat Research Team
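% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the malware and product names are brace-protected.
@online{team:20210721:detecting:ceb179f,
  author       = {{Splunk Threat Research Team}},
  title        = {Detecting {Trickbot} with {Splunk}},
  date         = {2021-07-21},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/detecting-trickbots.html},
  language     = {English},
  urldate      = {2021-07-22},
}
Detecting Trickbot with Splunk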
TrickBot
2021-07-06splunkSplunk Threat Research Team
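% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the ransomware name is brace-protected.
@online{team:20210706:revil:2420164,
  author       = {{Splunk Threat Research Team}},
  title        = {{REvil} Ransomware Threat Research Update and Detections},
  date         = {2021-07-06},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/revil-ransomware-threat-research-update-and-detections.html},
  language     = {English},
  urldate      = {2021-07-26},
}
REvil Ransomware Threat Research Update and Detections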
REvil
2021-06-10splunkSplunk Threat Research Team
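% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the month is brace-protected.
@online{team:20210610:detecting:30a8985,
  author       = {{Splunk Threat Research Team}},
  title        = {Detecting Password Spraying Attacks: Threat Research Release {May} 2021},
  date         = {2021-06-10},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/detecting-password-spraying-attacks-threat-research-release-may-2021.html},
  language     = {English},
  urldate      = {2021-06-21},
}
Detecting Password Spraying Attacks: Threat Research Release May 2021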
2021-05-17splunkSplunk Threat Research Team
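% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the ransomware and vendor names are brace-protected.
@online{team:20210517:darkside:e7a3747,
  author       = {{Splunk Threat Research Team}},
  title        = {{DarkSide} Ransomware: {Splunk} Threat Update and Detections},
  date         = {2021-05-17},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/darkside-ransomware-splunk-threat-update-and-detections.html},
  language     = {English},
  urldate      = {2021-05-19},
}
DarkSide Ransomware: Splunk Threat Update and Detections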
DarkSide
2021-05-03splunkSplunk Threat Research Team
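% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the ransomware name and the month are brace-protected.
@online{team:20210503:clop:1d24527,
  author       = {{Splunk Threat Research Team}},
  title        = {{Clop} Ransomware Detection: Threat Research Release, {April} 2021},
  date         = {2021-05-03},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/clop-ransomware-detection-threat-research-release-april-2021.html},
  language     = {English},
  urldate      = {2021-05-07},
}
Clop Ransomware Detection: Threat Research Release, April 2021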
Clop
2021-04-13splunkSplunk Threat Research Team
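% The team name is double-braced so it is kept as one corporate author instead of
% being parsed as a personal name; in the title only the ransomware name is brace-protected.
@online{team:20210413:detecting:83655d0,
  author       = {{Splunk Threat Research Team}},
  title        = {Detecting {Clop} Ransomware},
  date         = {2021-04-13},
  organization = {Splunk},
  url          = {https://www.splunk.com/en_us/blog/security/detecting-clop-ransomware.html},
  language     = {English},
  urldate      = {2021-04-14},
}
Detecting Clop Ransomware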
Clop