splunk – Page 2 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Hack The Box: Haze Machine Walkthrough – Hard Difficulty

New Write-Up Published: Haze [Medium | Windows | Active Directory] – Hack The Box

Just released a walkthrough for Haze, a medium-difficulty Windows machine on Hack The Box. Initial access was obtained by exploiting CVE-2024-36991, a local file inclusion vulnerability in Splunk, to extract LDAP credentials. This enabled a Shadow Credentials attack using PyWhisker and Certipy, allowing lateral movement to a high-privileged domain user. For privilege escalation, I utilized Splunk admin access to deploy a reverse shell via a crafted app package. Upon gaining shell access, I escalated privileges to NT SYSTEM by abusing SeImpersonatePrivilege with SweetPotato. This box offers great insight into chained Active Directory abuse and Splunk misconfigurations.

#HackTheBox #RedTeam #ActiveDirectory #Splunk #CVE202436991 #ShadowCredentials #PrivilegeEscalation #SweetPotato #CTF #InfoSec #WriteUp #CyberSecurity

The post Hack The Box: Haze Machine Walkthrough – Hard Difficulty appeared first on Threatninja.net.

June 28, 2025

0 comment

Reinventing Infrastructure for the Next Wave of AI at Cisco Live

AI is changing that fast and the opportunity is bigger than anything I have ever seen in my lifetime. We need to reevaluate many of the architectural assumptions we made in previous eras of computing, networking, and security.  That’s why we’ve brought…

June 10, 2025

0 comment

Splunk + Cisco ThousandEyes: New Integration for End-to-End Digital Resilience

We’re bringing Splunk Observability and Cisco ThousandEyes Assurance closer together with new bi-directional integrations that connect the dots across your digital stack – from application to infrastructure to network.

June 10, 2025

0 comment

How CISOs can talk cybersecurity so it makes sense to executives

CISOs know cyber risk is business risk. Boards don’t always see it that way. For years, CISOs have struggled to get boards to understand security beyond buzzwords. Many feel they’re either ignored or misunderstood. But with threats growing…

May 5, 2025

0 comment

Scaling the Cisco AI Assistant for Support with Splunk

Cisco needed to scale its virtual support engineer that assists its technical support teams around the world. By leveraging its own Splunk technology, Cisco was able to scale the AI assistant to support more than 1M cases and free up engineers to conce…

May 1, 2025

0 comment

Instant Attack Verification: Verification to Trust Automated Response

Discover how Cisco XDR’s Instant Attack Verification brings real-time threat validation for faster, smarter SOC response.

April 29, 2025

0 comment

Reimagining Security for the AI Era

This week at RSA in San Francisco, we’re launching an array of innovations aimed at helping enterprises equip their cybersecurity teams with the AI technology they need to keep their companies safe in the AI era.

April 28, 2025

0 comment

Innovative OT Security Solutions by Cisco at RSAC 2025

Join Cisco at RSAC 2025 where we’ll be demonstrating new capabilities in Industrial Threat Defense, including smarter OT vulnerability prioritization, adaptive zone segmentation using firewalls, and unified IT/OT threat detection to secure industrial n…

April 28, 2025

0 comment

Mobile World Congress 2025: SOC in the Network Operations Center

Cisco is the sole supplier of network services to Mobile World Congress, expanding into security and observability, with Splunk.

April 3, 2025

0 comment

Splunk Patches Dozens of Vulnerabilities

Splunk patches high-severity remote code execution and information disclosure flaws in Splunk Enterprise and Secure Gateway App.
The post Splunk Patches Dozens of Vulnerabilities appeared first on SecurityWeek.

March 27, 2025

0 comment

1 2 3 4 5

M	T	W	T	F	S	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30