splunk/security_content v3.62.0
on GitHub

latest releases: v4.42.0, v4.41.0, v4.40.0...

20 months ago

New Analytic Story

CVE-2023-21716 Word RTF Heap Corruption
CVE-2023-23397 Outlook Elevation of Privilege

New Analytics

Okta Mismatch Between Source and Response for Okta Verify Push Request
Okta Multiple Failed Requests to Access Applications
Okta Suspicious Use of a Session Cookie
Okta Phishing Detection with FastPass Origin Check
Okta ThreatInsight Login Failure with High Unknown users
Okta ThreatInsight Suspected PasswordSpray Attack
Windows Rundll32 WebDAV Request
Windows Rundll32 WebDav With Network Connection

Other Updates

Updated ransomware_notes.csv and ransomware_extensions.csv files and transforms definition (thanks to @VatsalJagani )
Updated playbook name to CrowdStrike OAuth API Device Attribute Lookup
Updated several analytics to integrate better with Enterprise Security

Check out latest releases or
releases around splunk/security_content v3.62.0

Don't miss a new security_content release

NewReleases is sending notifications on new releases.

Get notifications