When Splunk told me we would have a “breach holiday” theme for the summer, I didn’t think it would be quite so on the nose… For those of you who have been working on this Kaseya REvil Ransomware incident over the weekend, I salute you. Otherwise, read on for a quick breakdown of what happened, how to detect it, and MITRE ATT&CK mappings. If you want to see how to find Kaseya REvil specifics, skip down to the “Detecting REvil Ransomware Kaseya in Splunk” sections.

While Splunk was not impacted by the ransomware attack, as a security leader we want to help the industry by providing tools, guidance and support.

Authors and Contributors: As always, security at Splunk is a family business. Credit to author Ryan Kovar and collaborators: Mick Baccio, Drew Church, Shannon Davis, Lily Lee, James Brodsky, John Stoner, Matt Krumholz, Eric Schou.