Splunk Security Content

Splunk Threat Reasearch Team (STRT)

We help security teams around the globe strengthen operations by providing tactical guidance and insights to detect, investigate and respond against the latest threats.

Suspicious Email Attachment Extensions

Spearphishing Attachment, Phishing

Change Default File Association

Change Default File Association, Event Triggered Execution

Windows High File Deletion Frequency

Data Destruction

Linux Impair Defenses Process Kill

Disable or Modify Tools, Impair Defenses

Suspicious Process DNS Query Known Abuse Web Services

Visual Basic, Command and Scripting Interpreter