Using Splunk to Detect Sunburst Backdoor

The Sunburst Backdoor threat truly burst on the scene as a send-off for 2020. The good news is that the Splunk Security team has produced detections you can run in Splunk Enterprise Security to help you protect your environment from this sophisticated threat.

14 Dec 2020 ... For example, create lookup tables as I indicated in the blogs above or ... Once the adversary has access to the network via the trojanized dll, they ... Although we have not seen the logs, we can safely assume they are ... in the FireEye report was also the existence of a named pipe. ...
