Splunk Security Content

Splunk Threat Reasearch Team (STRT)

We help security teams around the globe strengthen operations by providing tactical guidance and insights to detect, investigate and respond against the latest threats.

Windows DisableAntiSpyware Registry

Disable or Modify Tools, Impair Defenses

FodHelper UAC Bypass

Modify Registry, Bypass User Account Control, Abuse Elevation Control Mechanism

Suspicious Scheduled Task from Public Directory

Scheduled Task, Scheduled Task/Job

Ryuk Wake on LAN Command

Command and Scripting Interpreter, Windows Command Shell

Suspicious SQLite3 LSQuarantine Behavior

Data Staged