Splunk Security Content

Splunk Threat Reasearch Team (STRT)

We help security teams around the globe strengthen operations by providing tactical guidance and insights to detect, investigate and respond against the latest threats.

Windows COM Hijacking InprocServer32 Modification

Component Object Model Hijacking, Event Triggered Execution

Windows System Script Proxy Execution Syncappvpublishingserver

System Script Proxy Execution, System Binary Proxy Execution

AWS Unusual Number of Failed Authentications From Ip

Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing

Windows Unusual Count Of Disabled Users Failed Auth Using Kerberos

Password Spraying, Brute Force

Windows Unusual Count Of Invalid Users Fail To Auth Using Kerberos