Click here to download all references as Bib-File.
2022-05-19 ⋅ splunk ⋅ Threat Update: AcidRain Wiper AcidRain |
2022-04-15 ⋅ splunk ⋅ STRT-TA03 CPE - Destructive Software AcidRain CyclopsBlink |
2022-04-07 ⋅ splunk ⋅ You Bet Your Lsass: Hunting LSASS Access Cobalt Strike MimiKatz |
2022-04-01 ⋅ splunk ⋅ Threat Update: CaddyWiper CaddyWiper |
2022-03-28 ⋅ splunk ⋅ Threat Update DoubleZero Destructor DoubleZero |
2022-03-23 ⋅ splunk ⋅ Gone in 52 Seconds…and 42 Minutes: A Comparative Analysis of Ransomware Encryption Speed Avaddon Babuk BlackMatter Conti DarkSide LockBit Maze Mespinoza REvil Ryuk |
2022-03-10 ⋅ splunk ⋅ Detecting HermeticWiper HermeticWiper PartyTicket |
2022-03-09 ⋅ Medium Invictus Incident Response ⋅ Set up Splunk for Incident Response in GCP in 15 minutes.. |
2022-02-23 ⋅ splunk ⋅ An Empirically Comparative Analysis of Ransomware Binaries Avaddon Babuk BlackMatter Conti DarkSide LockBit Maze Mespinoza REvil Ryuk |
2022-01-27 ⋅ splunk ⋅ Threat Advisory: STRT-TA02 - Destructive Software WhisperGate |
2022-01-27 ⋅ splunk ⋅ Threat Advisory: STRT-TA02 - Destructive Software WhisperGate |
2022-01-10 ⋅ splunk ⋅ Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021 Remcos |
2021-11-11 ⋅ splunk ⋅ FIN7 Tools Resurface in the Field – Splinter or Copycat? JSSLoader Remcos |
2021-11-04 ⋅ splunk ⋅ Detecting IcedID... Could It Be A Trickbot Copycat? IcedID |
2021-10-26 ⋅ splunk ⋅ High(er) Fidelity Software Supply Chain Attack Detection |
2021-07-21 ⋅ splunk ⋅ Detecting Trickbot with Splunk TrickBot |
2021-07-06 ⋅ splunk ⋅ REvil Ransomware Threat Research Update and Detections REvil |
2021-07-05 ⋅ splunk ⋅ Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt REvil |
2021-06-10 ⋅ splunk ⋅ Detecting Password Spraying Attacks: Threat Research Release May 2021 |
2021-05-17 ⋅ splunk ⋅ DarkSide Ransomware: Splunk Threat Update and Detections DarkSide |