Skip to content

davisshannon/Splunk-REvil-Kaseya-IOCs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
README.md
README.md
 
 
domains.csv
domains.csv
 
 
files.csv
files.csv
 
 

Repository files navigation

Splunk-REvil-Kaseya-IOCs

REvil Kaseya IOCs for Splunk Ingest Collected from various feeds including Sophos (https://community.sophos.com/b/security-blog/posts/active-ransomware-attack-on-kaseya-customers), Cado Security (https://www.cadosecurity.com/post/resources-for-dfir-professionals-responding-to-the-revil-ransomware-kaseya-supply-chain-attack).

Instructions on how to add IOCs into Splunk Enterprise Security- https://www.splunk.com/en_us/blog/security/how-do-i-add-covid-threat-intelligence-from-the-internet-to-enterprise-security.html

https://www.splunk.com/en_us/blog/security/smoothing-the-bumps-of-onboarding-threat-indicators-into-splunk-enterprise-security.html

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Contributors