Hello community, In recent weeks I’ve noticed that the quality of phishing e-mails I’m receiving (even to my personal account) have reached a new quality. They are getting better and better every day and even the latest spam filters let them through. Let’s look at one currently being sent out to many e-mail addresses that appears to be from DHL about tracking orders on the way to your house. For the German speaking market the quality is very good. Previously, end users have easily detected...
A concept from Microsoft’s Threat Intelligence Center, presented by John Lambert caught my attention as I recently reviewed some of the MITRE ATT&CKcon sessions. His speech was about advancing InfoSec towards an open, shareable, contributor-friendly model of speeding up InfoSec learning. John researched how certain defenders have been highly successful in defending their networks, particularly where some others had been in the news for failing many times before. In doing so, he found that alth...
Hey there, While the World Economic Forum (WEF) in Davos always dominates the news agenda across a variety of topics I wondered what discussions around technology occurred this year, particularly from a cybersecurity perspective. During my reading, I came across the global risks report 2020 published by WEF and thought sharing some of the key points would help you in case you have to argue about the importance of cybersecurity. I know that in most firms the topic of cybersecurity has finally arr...
Splunk is committed to using inclusive and unbiased language. This blog post might contain terminology that we no longer use. For more information on our updated terminology and our stance on biased language, please visit our blog post. We appreciate your understanding as we work towards making our community more inclusive for everyone. From Zero to "SOAR up"! (A Real-Life Scenario Implementing Splunk® SOAR) · Get inspired in this EMEA session as Raiffeisen Bank International (RBI) shares it...
Hello Everyone, I'm excited to share insights from a recent roundtable discussion we hosted in collaboration with CIO magazine. The talk focused on the dual challenge faced by IT and security managers: mitigating risks associated with AI while leveraging AI to enhance organizational capability. Given the ubiquitous media presence of AI, it was insightful to learn how German organizations are currently dealing with this technology. Where steam locomotives were once repaired, a Horch 855 Roadster ...
Hello Security Ninjas, As last step in this sample you can see how the malware gains SYSTEM Access. At this point the malware now has administrative rights and can either fulfill its objective or just “wait and sleep” until it has a proper mission to accomplish. Translation of the events in words: 13:46:18 – process reflectively injects itself into rundll32.exe process (based on instructions from command and control) · Further resources: I’m sure as a real Splunker you know what to loo...
Hello Security Ninjas, recently Splunk took part in the FIRST 2015 conference, a conference dedicated to CERTs, Incident Responders and Security Teams. Many of the attendees shared with us that they are using Splunk regularly for security use cases and this is great to hear! · One of the notable presentations was from Alexandre Dulaunoy from the CIRCL (Computer Incident Response Center Luxembourg) and Eireann Leverett from the Cambridge Centre for Risk Studies. Security analysts across the wor...
We also demonstrated how to operationalize it with content from the Splunk Security Essentials app via Splunk Enterprise Security. We received so many questions from attendees during the session that we weren’t able answer them all. That’s why I wanted to take the time to re-share the poll results we conducted during the webinar as well as question ...
Hello Splunkers, I recently blogged about how Udo, a member of the EMEA technical services team, is monitoring his smart home. Inspired by his use case I started to investigate if I too could collect data from my heating system to do a similar sort of analysis. In the following blog I will document and show you how, inspired by Udo, I received insights into my own heating system, saving money as well as reducing my environmental impact. You can download everything from Splunkbase. I created an E...
You know that us Splunkers love to go deep into use cases and figure out what helps our customers the most. However in today’s business world, industry recognition goes a long way in proving the value in the products and services we use. For example if you were Munich Airport, then it would speak volumes to others if your airport was named as a “First Five-Star Airport” or if you were Dachser Logistics and went on to win the “One Eaton Supplier Premier Award ”. So it makes me very prou...