Refining SSO at Black Hat USA
Cisco is the Security Cloud Provider to the Black Hat conferences. Learn about the latest innovations for the SOC of the Future at Black Hat USA 2025.
splunk
Build Job-Ready IT and Cybersecurity Skills with Hands-On Labs
Get lifetime access to The 2025 Complete Defensive Cyber Security Bundle for $39.99 (reg. $240).
PLoB: A Behavioral Fingerprinting Framework to Hunt for Malicious Logins
Splunk researchers developed a system to fingerprint post-logon behavior, using AI to find subtle signals of intrusion.
The post PLoB: A Behavioral Fingerprinting Framework to Hunt for Malicious Logins appeared first on SecurityWeek.
Ivanti, Fortinet, Splunk Release Security Updates
Ivanti, Fortinet, and Splunk have released patches for critical- and high-severity vulnerabilities in their products.
The post Ivanti, Fortinet, Splunk Release Security Updates appeared first on SecurityWeek.
Designed With You. Built for What’s Next
The Cisco 360 Partner Program redefines collaboration, enabling partners to achieve profitable growth through innovation, simplified tools, and shared success in AI, security, and services.
Cisco Live San Diego Case Study: Malware Upatre! (Encrypted Visibility Engine Event)
Cisco Security and Splunk protected Cisco Live San Diego 2025 in the Security Operations Center. Learn about the latest innovations for the SOC of the Future.
Using AI to Battle Phishing Campaigns
Cisco Security and Splunk protected Cisco Live San Diego 2025 in the Security Operations Center. Learn about the latest innovations for the SOC of the Future.
Building an XDR Integration With Splunk Attack Analyzer
Cisco XDR is an infinitely extensible platform for security integrations. Like the maturing SOCs of our customers, the event SOC team at Cisco Live San Diego 2025 built custom integrations to meet our needs. You can build your own integrations using th…
Cisco Live San Diego Case Study: Hunting Cleartext Passwords in HTTP POST Requests
Cisco Security and Splunk protected Cisco Live San Diego 2025 in the Security Operations Center. Learn about the latest innovations for the SOC of the Future.
Hack The Box: Haze Machine Walkthrough – Hard Difficulty
New Write-Up Published: Haze [Medium | Windows | Active Directory] – Hack The Box
Just released a walkthrough for Haze, a medium-difficulty Windows machine on Hack The Box. Initial access was obtained by exploiting CVE-2024-36991, a local file inclusion vulnerability in Splunk, to extract LDAP credentials. This enabled a Shadow Credentials attack using PyWhisker and Certipy, allowing lateral movement to a high-privileged domain user. For privilege escalation, I utilized Splunk admin access to deploy a reverse shell via a crafted app package. Upon gaining shell access, I escalated privileges to NT SYSTEM by abusing SeImpersonatePrivilege with SweetPotato. This box offers great insight into chained Active Directory abuse and Splunk misconfigurations.
#HackTheBox #RedTeam #ActiveDirectory #Splunk #CVE202436991 #ShadowCredentials #PrivilegeEscalation #SweetPotato #CTF #InfoSec #WriteUp #CyberSecurity
The post Hack The Box: Haze Machine Walkthrough – Hard Difficulty appeared first on Threatninja.net.