Cisco Live San Diego Case Study: Hunting Cleartext Passwords in HTTP POST Requests
Cisco Security and Splunk protected Cisco Live San Diego 2025 in the Security Operations Center. Learn about the latest innovations for the SOC of the Future.
New Write-Up Published: Haze [Medium | Windows | Active Directory] – Hack The Box
Just released a walkthrough for Haze, a medium-difficulty Windows machine on Hack The Box. Initial access was obtained by exploiting CVE-2024-36991, a local file inclusion vulnerability in Splunk, to extract LDAP credentials. This enabled a Shadow Credentials attack using PyWhisker and Certipy, allowing lateral movement to a high-privileged domain user. For privilege escalation, I utilized Splunk admin access to deploy a reverse shell via a crafted app package. Upon gaining shell access, I escalated privileges to NT SYSTEM by abusing SeImpersonatePrivilege with SweetPotato. This box offers great insight into chained Active Directory abuse and Splunk misconfigurations.
#HackTheBox #RedTeam #ActiveDirectory #Splunk #CVE202436991 #ShadowCredentials #PrivilegeEscalation #SweetPotato #CTF #InfoSec #WriteUp #CyberSecurity
The post Hack The Box: Haze Machine Walkthrough – Hard Difficulty appeared first on Threatninja.net.
AI is changing that fast and the opportunity is bigger than anything I have ever seen in my lifetime. We need to reevaluate many of the architectural assumptions we made in previous eras of computing, networking, and security. That’s why we’ve brought…
We’re bringing Splunk Observability and Cisco ThousandEyes Assurance closer together with new bi-directional integrations that connect the dots across your digital stack – from application to infrastructure to network.
CISOs know cyber risk is business risk. Boards don’t always see it that way. For years, CISOs have struggled to get boards to understand security beyond buzzwords. Many feel they’re either ignored or misunderstood. But with threats growing…
Cisco needed to scale its virtual support engineer that assists its technical support teams around the world. By leveraging its own Splunk technology, Cisco was able to scale the AI assistant to support more than 1M cases and free up engineers to conce…
Discover how Cisco XDR’s Instant Attack Verification brings real-time threat validation for faster, smarter SOC response.
This week at RSA in San Francisco, we’re launching an array of innovations aimed at helping enterprises equip their cybersecurity teams with the AI technology they need to keep their companies safe in the AI era.
Join Cisco at RSAC 2025 where we’ll be demonstrating new capabilities in Industrial Threat Defense, including smarter OT vulnerability prioritization, adaptive zone segmentation using firewalls, and unified IT/OT threat detection to secure industrial n…
Cisco is the sole supplier of network services to Mobile World Congress, expanding into security and observability, with Splunk.