splunk/security_content v4.14.0
on GitHub

latest releases: v4.42.0, v4.41.0, v4.40.0...

13 months ago

Release notes

New Analytic Story

Subvert Trust Controls SIP and Trust Provider Hijacking
Microsoft SharePoint Server Elevation of Privilege CVE-2023-29357
Cisco IOS XE Software Web Management User Interface vulnerability

New Analytics

Confluence CVE-2023-22515 Trigger Vulnerability
Cisco IOS XE Implant Access
Detect Certipy File Modifications (External Contributor : @nterl0k )
Windows Domain Admin Impersonation Indicator
Windows Registry SIP Provider Modification
Microsoft SharePoint Server Elevation of Privilege
Windows Steal Authentication Certificates - ESC1 Abuse (External Contributor : @nterl0k )
Windows SIP Provider Inventory
Windows SIP WinVerifyTrust Failed Trust Validation

Updated Analytics

Citrix ADC Exploitation CVE-2023-3519

Other Updates

Minor changes to playbook names and UUID
Updated descriptions for 50 detections

BA Updates

Added lower() to BA detection searches in the eval function

Check out latest releases or
releases around splunk/security_content v4.14.0

Don't miss a new security_content release

NewReleases is sending notifications on new releases.

Get notifications