Splunk Security Content

Splunk Threat Reasearch Team (STRT)

We help security teams around the globe strengthen operations by providing tactical guidance and insights to detect, investigate and respond against the latest threats.

Linux Insert Kernel Module Using Insmod Utility

Kernel Modules and Extensions, Boot or Logon Autostart Execution

Suspicious Ticket Granting Ticket Request

Valid Accounts, Domain Accounts

Linux Change File Owner To Root

Linux and Mac File and Directory Permissions Modification, File and Directory Permissions Modification

Linux Setuid Using Chmod Utility

Setuid and Setgid, Abuse Elevation Control Mechanism

Linux NOPASSWD Entry In Sudoers File

Sudo and Sudo Caching, Abuse Elevation Control Mechanism