Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Splunk

Coffee Talk with SURGe: 2023-NOV-14 ICBC Ransomware, Sandworm Cuts Power in Ukraine, Volt Typhoon

Grab a cup of coffee and join Mick Baccio, Ryan Kovar, and Audra Streetman for another edition of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan will also compete in a charity challenge to explain what constitutes an influence operation, and why network defenders should care.

Enhance Security Resilience Through Splunk User Behavior Analytics VPN Models

The COVID-19 pandemic has spurred a significant increase in the adoption of remote access, resulting in a substantial portion of the workforce transitioning to remote work. This requires employees to heavily rely on their employer’s virtual private network (VPN) to connect to their company's IT systems. This shift to working from home (WFH) is expected to continue well into the foreseeable future.

European Security is More Than Regulation: Splunk's 2023 CISO Report

The role of today’s Chief Information Security Officers (CISOs) is complex and rapidly changing. 86% say that the role has changed so much since they became a CISO that it’s almost a different job. They are emerging as strategists and leaders who have a louder voice in the boardroom.

Insider Threats in Cybersecurity

When you think about security, it's usually from external factors. We lock the doors to our homes and businesses, when we go to the gym our belongings are kept safe in locked lockers from theft, and our computers and phones have security measures in place to keep people out. Our focus is on external threats but the biggest danger can come from within — insider threats. Consider the classic thriller When a Stranger Calls.

More Than Just a RAT: Unveiling NjRAT's MBR Wiping Capabilities

NjRAT (also known as Bladabindi) malware is a Remote Access Trojan (RAT) that was first discovered in 2012. This malware strain has persisted in the threat landscape up to the present day, most recently earning notoriety for its active campaigns against agencies and organizations located in the Middle East and North Africa. Upon successful infiltration into a target host or system, NjRAT can allow the attacker to remotely access and exercise control over the compromised system.

Coffee Talk with SURGe: 2023-10-31 SEC SolarWinds Complaint, Biden's Executive Order on AI

Grab a cup of coffee and join Mick Baccio, Ryan Kovar, and Audra Streetman for a spooky Halloween edition of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan also competed in a charity challenge benefitting World Central Kitchen to share the lessons learned from Cybersecurity Awareness Month.

SOARing High for M-21-31

As most folks who work in the US Federal Civilian space are aware, we are now past the August 2023 date to meet Enterprise Logging Level 3 (EL3) in support of the M-21-31 OMB Mandate. As part of the Advanced Requirements in EL3, Logging Orchestration, Automation, & Response enters Finalizing Implementation, meaning agencies should be completing and rolling out automated incident response playbooks.

Splunk SOAR Playbooks - Dynamic Identifier Reputation Analysis (Part 2)

The Dynamic Identifier Reputation Analysis playbook is an essential tool for any security operations center (SOC) team looking for a comprehensive view of their environment’s threat landscape. By leveraging MITRE DEFEND's approach for dynamic identifier reputation analysis, SOC teams can quickly identify potential threats and vulnerabilities and take proactive steps towards mitigating risk before it causes damage.

User and Entity Behavior Analytics (UEBA) For Enterprise Security

Ever thought about what to do to prevent deadly insider attacks? Even with the implementation of intrusion prevention systems and antivirus software, these threats persist. And their cost has risen by 44% over the past two years. In 2023, insiders have been responsible for the unauthorized leakage of almost 1 billion records. Amid this adversity, user and entity behavior analytics (UEBA) has emerged as a modern enterprise security solution.

Malware Detection & Top Techniques Today

Every day, an average of 450,000 new malware are designed to wreak havoc on businesses, governments, and average citizens. Aside from the financial implications of malware, the reputational damage for companies and the psychological impact on victims (especially with ransomware) are enough to scare anyone at the thought of dealing with a malware attack. But it’s not all bad news! There is a way of protecting your devices and cyberspace with a proactive method.