Click here to download all references as Bib-File.
| 2022-12-01 ⋅ splunk ⋅ From Macros to No Macros: Continuous Malware Improvements by QakBot QakBot |
| 2022-11-16 ⋅ splunk ⋅ Inside the Mind of a ‘Rat’ - Agent Tesla Detection and Analysis Agent Tesla |
| 2022-10-04 ⋅ splunk ⋅ Deliver a Strike by Reversing a Badger: Brute Ratel Detection and Analysis Brute Ratel C4 |
| 2022-08-25 ⋅ splunk ⋅ AppLocker Rules as Defense Evasion: Complete Analysis Azorult |
| 2022-07-26 ⋅ splunk ⋅ ML Detection of Risky Command Exploit |
| 2022-06-23 ⋅ splunk ⋅ Threat Update: Industroyer2 INDUSTROYER2 |
| 2022-05-19 ⋅ splunk ⋅ Threat Update: AcidRain Wiper AcidRain |
| 2022-04-15 ⋅ splunk ⋅ STRT-TA03 CPE - Destructive Software AcidRain CyclopsBlink |
| 2022-04-07 ⋅ splunk ⋅ You Bet Your Lsass: Hunting LSASS Access Cobalt Strike MimiKatz |
| 2022-04-01 ⋅ splunk ⋅ Threat Update: CaddyWiper CaddyWiper |
| 2022-03-28 ⋅ splunk ⋅ Threat Update DoubleZero Destructor DoubleZero |
| 2022-03-23 ⋅ splunk ⋅ Gone in 52 Seconds…and 42 Minutes: A Comparative Analysis of Ransomware Encryption Speed Avaddon Babuk BlackMatter Conti DarkSide LockBit Maze Mespinoza REvil Ryuk |
| 2022-03-10 ⋅ splunk ⋅ Detecting HermeticWiper HermeticWiper PartyTicket |
| 2022-03-09 ⋅ Medium Invictus Incident Response ⋅ Set up Splunk for Incident Response in GCP in 15 minutes.. |
| 2022-02-23 ⋅ splunk ⋅ An Empirically Comparative Analysis of Ransomware Binaries Avaddon Babuk BlackMatter Conti DarkSide LockBit Maze Mespinoza REvil Ryuk |
| 2022-01-27 ⋅ splunk ⋅ Threat Advisory: STRT-TA02 - Destructive Software WhisperGate |
| 2022-01-27 ⋅ splunk ⋅ Threat Advisory: STRT-TA02 - Destructive Software WhisperGate |
| 2022-01-10 ⋅ splunk ⋅ Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021 Remcos |
| 2021-11-11 ⋅ splunk ⋅ FIN7 Tools Resurface in the Field – Splinter or Copycat? JSSLoader Remcos |
| 2021-11-04 ⋅ splunk ⋅ Detecting IcedID... Could It Be A Trickbot Copycat? IcedID |