dbta

Splunk Attack Range 4.0 Enables Detection Teams to Emulate Adversary Behavior

The Splunk Threat Research Team is releasing v4.0 of Splunk Attack Range, an open source project that allows security teams to spin up a detection development environment to emulate adversary behavior ...
CSOonline

GitHub Actions attack renders even security-aware orgs vulnerable

Many open-source repositories contain privileged GitHub Actions workflows that execute untrusted code and can be triggered by attackers to expose credentials and access tokens, as MITRE and Splunk ...