What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CrowdStrike.webp 2023-07-11 22:43:33 July 2023 Patch Tuesday: Six Actively Exploited Zero-Days and Nine Critical Vulnerabilities Identified
(direct link)
Microsoft has released security updates for 131 vulnerabilities and a disclosure for one yet-unpatched vulnerability for its July 2023 Patch Tuesday rollout: 9 are rated as Critical while the remaining 122 are rated as Important. There is one vulnerability without a severity rating. July 2023 Risk Analysis This month's leading risk type is remote code […]
Vulnerability ★★★
CrowdStrike.webp 2023-07-11 15:36:15 How to Augment or Replace Your SIEM with the CrowdStrike Falcon Platform
(direct link)
In Part 1 of our SIEM blog series, we discussed the state of SIEMs today and how CrowdStrike Falcon® LogScale solves five key SIEM use cases while improving security outcomes and cost savings compared to traditional SIEMs. Our conversations with customers have made it clear: SIEM requirements don't stop at the five use cases covered […]
★★★
CrowdStrike.webp 2023-07-10 17:08:48 Why Customers Are Consolidating Cybersecurity with CrowdStrike
(direct link)
As adversaries continue to evolve their tactics and techniques, organizations are scrambling to shore up their security posture. Security teams have historically turned to point products to fill gaps in their defenses, driving the issue of tool sprawl: The average enterprise deploys 45 cybersecurity-related tools, according to the Ponemon Institute. When it comes to security, […]
Tool ★★★
CrowdStrike.webp 2023-07-06 11:14:34 Falcon Insight for ChromeOS: The Industry's First Native XDR Offering for ChromeOS
(direct link)
In recent years, ChromeOS device usage among businesses has seen a significant uptick, particularly in its adoption across verticals, from schools to large enterprises. According to recent IDC research, 16% of North American organizations have ChromeOS devices and the percentage is only expected to increase. The success of ChromeOS devices like Chromebooks can be attributed […]
★★★
CrowdStrike.webp 2023-06-28 10:48:30 How CrowdStrike Uses Similarity-Based Mapping to Understand Cybersecurity Data and Prevent Breaches
(direct link)
CrowdStrike data scientists describe a new similarity paradigm to organize information and make it accessible, searchable and mappable The new similarity-based mapping of cybersecurity data associates disparate representations of various objects important for cybersecurity, providing scientists and analysts with the tools necessary to prevent and respond to breaches more effectively The CrowdStrike Falcon® platform harnesses […]
Tool ★★★
CrowdStrike.webp 2023-06-23 18:56:45 Top 5 SIEM Use Cases CrowdStrike Falcon LogScale Solves Today
(direct link)
SIEMs play a crucial role in the modern SOC: They allow you to collect, correlate and analyze log data and alerts for security and compliance. Yet, despite their value, SIEMs have struggled to keep up with today's logging performance and scalability requirements. Given that adversaries are operating faster than ever, organizations must prioritize the capabilities […]
★★★
CrowdStrike.webp 2023-06-22 18:12:12 Business as Usual: Falcon Complete MDR Thwarts Novel VANGUARD PANDA (Volt Typhoon) Tradecraft
(direct link)
VANGUARD PANDA Background On May 24, 2023, industry and government sources detailed China-nexus activity in which the threat actor dubbed Volt Typhoon targeted U.S.-based critical infrastructure entities. CrowdStrike Intelligence tracks this actor as VANGUARD PANDA. Since at least mid-2020, the CrowdStrike Falcon® Complete managed detection and response (MDR) team and the CrowdStrike® Falcon OverWatch™ threat […]
Threat Guam Guam ★★★
CrowdStrike.webp 2023-06-15 19:21:14 Security Guidance from the Front Lines of Cloud Incident Response
(direct link)
In our first-ever Cloud Threat Summit, CrowdStrike's Senior Vice President of Intelligence and Senior Director of Consulting Services discussed the most common ways adversaries breach the cloud and the steps organizations can take to stay safe. An insightful and engaging conversation during last week's Cloud Threat Summit featured Adam Meyers, Senior Vice President of Intelligence, […]
Threat Cloud ★★
CrowdStrike.webp 2023-06-13 22:11:50 June 2023 Patch Tuesday: 78 Vulnerabilities with 6 Rated Critical and 38 Remote Code Execution
(direct link)
Microsoft has released 78 security patches for its June 2023 Patch Tuesday rollout. Of the vulnerabilities patched today, 6 are classified as Critical and 38 are remote code execution (RCE) flaws. June 2023 Risk Analysis This month's leading risk type is remote code execution (41%), followed by elevation of privilege at nearly 22% and a […]
★★★
CrowdStrike.webp 2023-06-13 11:56:50 Cracking the Code of AI Decision Making: Harnessing the Power of SHAP Values
(direct link)
Machine learning explainability ensures that AI models are transparent, trustworthy and accurate Explainability enables data scientists to understand how and why an AI model arrived at a particular decision or prediction SHAP values are a powerful tool for explainability as they provide a way to measure the contribution of each feature in a model to […]
Tool ★★
CrowdStrike.webp 2023-06-12 00:52:24 Adversaries Go Hands-On in Japan: Know the Threat and Know the Solution
(direct link)
Japan, known for its innovation and efficiency, is a globally recognized industry leader. This puts Japan-based organizations at risk of being recognized as potentially valuable targets by both criminally motivated and targeted cyber adversaries. This blog, directly from the front lines of CrowdStrike® Falcon OverWatch™ threat hunting, shares intrusion insights drawn from activity observed in […]
Threat ★★
CrowdStrike.webp 2023-06-09 20:30:42 Making Sense of the Dark Web with Falcon Intelligence Recon+
(direct link)
The vastness of the deep and dark web can easily turn attempts to monitor for cyber threats into a firehose of useless information. Part of the problem is the nature of the data streams that need to be monitored. Every day, more credentials are stolen and exposed. Illegal criminal forums are full of repeated spamming […]
★★
CrowdStrike.webp 2023-06-06 21:00:48 Supporting Our Heroes: SkillBridge Program Connects Veterans with CrowdStrike Internships
(direct link)
SkillBridge, a program sponsored by the U.S. Department of Defense, helps transitioning service members from all branches of the military secure internships with corporate partners. As a steadfast supporter of the military community, CrowdStrike is proud to participate in the SkillBridge program. CrowdStrike has a long history of championing veterans. In addition to our collaboration […]
★★
CrowdStrike.webp 2023-06-06 11:11:47 CrowdStrike Defines the Future of Cloud Security with One-Click XDR to Automatically Identify and Secure Unmanaged Cloud Assets
(direct link)
CrowdStrike is defining the future of cloud security by empowering customers to rapidly understand their cloud risk and to detect, prevent and remediate cloud-focused threats. Today we are announcing a series of new cloud security innovations designed to deliver complete visibility into potential attack paths, from endpoint to cloud, and instantly secure vulnerable cloud workloads […]
Cloud ★★
CrowdStrike.webp 2023-06-05 12:48:38 Movin' Out: Identifying Data Exfiltration in MOVEit Transfer Investigations
(direct link)
Summary Points Organizations around the globe continue to experience the fallout of the MOVEit Transfer exploit CVE-2023-34362 CrowdStrike incident responders have identified evidence of mass file exfiltration from the MOVEit application, as a result of the webshell activity on compromised MOVEit systems Data exfiltration activity can be identified by analyzing the MOVEit application database and […]
★★
CrowdStrike.webp 2023-06-02 20:09:55 CrowdStrike Enhances Falcon Discover to Reduce the Attack Surface, Streamline Operations and Lower Costs
(direct link)
CrowdStrike Falcon® Discover delivers deep asset visibility with no hardware to deploy or manage, providing valuable context for all of your assets. For IT and security teams alike, Falcon Discover is a powerful tool to stop breaches. The majority of CrowdStrike customers already use Falcon Discover to improve their IT and security posture. To continue […]
Tool ★★
CrowdStrike.webp 2023-06-01 11:30:59 CrowdStrike Invests in and Partners with Prelude Security to Drive Continuous Security Testing and Validation for Our Customers
(direct link)
Managing security posture at scale is a significant challenge for global organizations of all sizes. With a rapidly expanding security estate and a global worker gap of 3.4 million, according to (ICS)2, it is imperative that the efficacy of defensive controls is maximized to combat sophisticated adversaries. In order to do so effectively, organizations must […]
★★
CrowdStrike.webp 2023-02-28 06:21:51 CrowdStrike 2023 Global Threat Report: Resilient Businesses Fight Relentless Adversaries (direct link) The CrowdStrike 2023 Global Threat Report, among the most trusted and comprehensive research on the modern threat landscape, explores the most significant security events and trends of the previous year, as well as the adversaries driving this activity. The latest edition of the CrowdStrike Global Threat Report comes at a critical time for organizations around […] Threat ★★
CrowdStrike.webp 2023-02-23 19:46:09 How to Ingest Data into Falcon LogScale Using Python (direct link) This post covers how to ingest data into CrowdStrike Falcon® LogScale from your MacOS platform using Python. This guide is great for setting up a one-node proof of concept (POC) so you can take advantage of LogScale’s free trial. Before you can write your ingest client, you must prepare a good foundation. That means preparing […] ★★
CrowdStrike.webp 2023-02-23 08:16:05 CrowdStrike Uncovers I2Pminer MacOS Mineware Variant (direct link) CrowdStrike analyzed an I2Pminer variant that targets macOS The mineware utilizes I2P to hide XMRig network traffic The CrowdStrike Falcon® platform provides continuous protection against mineware threats by offering real-time visibility across workloads CrowdStrike recently analyzed a macOS-targeted mineware campaign that utilized malicious application bundles to deliver open source XMRig cryptomining software and Invisible Internet […] Tool ★★★
CrowdStrike.webp 2023-02-23 00:10:37 Mitigate Cyber Risk From Email With the Falcon LogScale and Mimecast Integration (direct link) Email is the top initial attack vector, with phishing campaigns responsible for many damaging cyber attacks, including ransomware. Being able to search Mimecast email security logs in CrowdStrike Falcon® LogScale (formerly known as Humio), alongside other log sources such as endpoint, network and authentication data helps cybersecurity teams detect and respond to cyber attacks. This […] ★★★
CrowdStrike.webp 2023-02-17 07:45:42 3 Ways Visualization Improves Cloud Asset Management and Security (direct link) Public cloud services and cloud assets are agile and dynamic environments. Close oversight of these assets is a critical component of your asset management and security practices. While it's important to understand the relationships and potential vulnerabilities of your cloud assets, the practice of managing these systems is complicated by the ever-changing nature of cloud […] Cloud ★★★
CrowdStrike.webp 2023-02-16 07:45:53 CrowdStrike Ranked #1 in the IDC Worldwide Endpoint Security Market Shares Report for Third Time in a Row (direct link) CrowdStrike maintains endpoint security market leadership with a #1 ranking in IDC's 2021-2022 report, and has been awarded Best Endpoint Detection and Response and Best Product Development by SE Labs. These recognitions validate CrowdStrike as the industry's market and innovation leader in endpoint security. We're honored to share CrowdStrike has been ranked #1 out of […] Guideline ★★★
CrowdStrike.webp 2023-02-15 16:15:46 February 2023 Patch Tuesday: 9 Critical CVEs, and 3 Zero Days Being Actively Exploited in the Wild (direct link) Microsoft has released 75 security patches for its February 2023 Patch Tuesday rollout: 9 vulnerabilities are rated Critical, and the remaining 66 are rated Important. Three actively exploited vulnerabilities were reported by the vendor: an elevation of privilege within Windows Common Log File System Driver (CVE-2023-23376), a security feature bypass in Microsoft Office (CVE-2023-21715), and […] ★★★
CrowdStrike.webp 2023-02-13 15:01:35 DLL Side-Loading: How to Combat Threat Actor Evasion Techniques (direct link) Threat actors constantly evolve their tactics and techniques to circumvent security solutions. Working at the cutting-edge of detection engineering, CrowdStrike rapidly tracks and observes these evolutions in tactics to deliver timely, effective detections that protect customers. In this blog, we explore DLL side-loading and learn how CrowdStrike has expanded protections with Advanced Memory Scanning. Learn […] Threat ★★
CrowdStrike.webp 2023-02-07 19:53:40 Make Compliance a Breeze with Modern Log Management (direct link) From manufacturers in Michigan to fintechs in Finland, every business must comply with industry regulations - which are increasingly constraining. At the same time, businesses must protect and account for a growing number of systems, applications and data in order to remain compliant. In other words, compliance is getting harder. Enter log management. While regulations […] ★★
CrowdStrike.webp 2023-02-01 21:34:45 Using Artificial Intelligence and Machine Learning to Combat Hands-on-Keyboard Cybersecurity Attacks (direct link) Malware gets the headlines, but the bigger threat is hands-on-keyboard adversary activity which can evade traditional security solutions and present detection challenges Machine learning (ML) can predict and proactively protect against emerging threats by using behavioral event data. CrowdStrike's artificial intelligence (AI)-powered indicators of attack (IOAs) use ML to detect and predict adversarial patterns in […] Malware Threat Prediction ★★★
CrowdStrike.webp 2023-02-01 08:48:42 CrowdStrike Announces Expanded Service Integrations with AWS (direct link) At AWS re:Invent 2022, CrowdStrike announced expanded service integrations with AWS to provide breach protection across your AWS environment, simplified infrastructure management and security consolidation. On January 31, 2023, AWS announced CloudTrail Lake Partner Integrations, with CrowdStrike signing on as a launch partner. With this integration, organizations get the opportunity for a consistent security posture […] ★★★
CrowdStrike.webp 2022-12-15 07:06:59 Unveiling CrowdStrike Falcon Surface: The Industry's Most Complete Adversary-Driven External Attack Surface Management (EASM) Technology (direct link) Resilient cybersecurity posture can only be achieved with a full understanding of your internal and external attack surface. CrowdStrike Falcon® Surface builds on our award-winning adversary intelligence with cutting-edge external attack surface management (EASM) capabilities for a complete picture of known and unknown externally exposed assets, all delivered via the unified CrowdStrike Falcon® platform. As […] ★★
CrowdStrike.webp 2022-12-14 19:37:51 December 2022 Patch Tuesday: 10 Critical CVEs, One Zero-Day, One Under Active Attack (direct link) Microsoft has released 49 security patches for its December 2022 Patch Tuesday rollout. Of these, 10 vulnerabilities are rated Critical, two are rated Medium and the rest are rated Important. DirectX Graphics Kernel Elevation of Privilege Vulnerability (CVE-2022-44710) is listed as publicly known while Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2022-44698) is listed as actively […] Vulnerability ★★
CrowdStrike.webp 2022-12-14 17:43:30 Why Managed Threat Hunting Should Top Every CISO's Holiday Wish List (direct link) With the end of the year fast approaching, many of us are looking forward to a well-deserved break. However, security practitioners and security leaders worldwide are bracing themselves for what has become a peak period for novel and disruptive threats. In 2020, the holiday season was marked by the SUNBURST incident, and in 2021 the […] Threat Guideline Solardwinds ★★
CrowdStrike.webp 2022-12-14 13:58:34 Attackers Set Sights on Active Directory: Understanding Your Identity Exposure (direct link) Eighty percent of modern attacks are identity-driven. Why would an attacker hack into a system when they can simply use stolen credentials to masquerade as an approved user and log in to the target organization? Once inside, attackers increasingly target Microsoft Active Directory because it holds the proverbial keys to the kingdom, providing broad access […] Hack ★★
CrowdStrike.webp 2022-12-13 22:29:24 CrowdStrike Services Helps Organizations Prioritize Patching Vulnerabilities with CrowdStrike Falcon Spotlight (direct link) When the CrowdStrike Services team conducts a proactive security engagement, such as a Cybersecurity Maturity Assessment or Tabletop Exercise, it often uses CrowdStrike Falcon® Spotlight to identify what vulnerabilities exist in the environment. Unfortunately, this can be a disheartening experience, as many organizations we see have millions, even tens of millions, of unpatched vulnerabilities. It's […] Patching ★★
CrowdStrike.webp 2022-12-13 07:16:18 Our Customers Have Spoken: CrowdStrike Delivers the Best in EDR, EPP and XDR (direct link) Time and again, analyst reports, independent tests and numerous other awards and acknowledgements affirm CrowdStrike is a leader in cybersecurity. Why is this important? Because when CrowdStrike is #1, it's our customers who win. But to us, the best validation of the power of the CrowdStrike Falcon® platform comes from our customers themselves. We are […] Guideline ★★
CrowdStrike.webp 2022-12-09 19:52:16 Importing Docker Logs with CrowdStrike Falcon LogScale Collector (direct link) Docker is the primary tool used for containerizing workloads. If your company wants to build containers with quality, then you'll need access to your Docker container logs for debugging, validation and optimization. While engineering teams can view container logs through straightforward CLI tools (think docker logs), these tools don't provide a mechanism for storing or […] Tool ★★
CrowdStrike.webp 2022-12-09 15:15:51 5 Partner Predictions for 2023 from CrowdStrike's Channel Chief (direct link) As vice president of global alliances for CrowdStrike, I have the pleasure of meeting daily and weekly with our partners around the globe to ensure that CrowdStrike is addressing their needs and the needs of their customers with our products and services. As a benefit of talking with our partner ecosystem, I have gained a […] ★★
CrowdStrike.webp 2022-12-09 00:21:38 Integration Exploration: Getting Started with Falcon LogScale and Bucket Storage on AWS S3 (direct link) If you run CrowdStrike Falcon® LogScale, previously known as Humio, locally or on-premises, one of your first steps is to configure local storage so that LogScale has a persistent data store where it can send logs. If you're running LogScale as a cluster setup, then you'll have some data replication as a function of how […] ★★
CrowdStrike.webp 2022-12-07 22:27:34 Inside the MITRE ATT&CK Evaluation: How CrowdStrike's Elite Managed Services Operate in the Real World (direct link) Following CrowdStrike's strong performance in the first-ever MITRE ATT&CK® Evaluations for Security Managed Services Providers with 99% detection coverage, we take a deep dive into the testing process and how our elite managed services operate in the real world. We recently announced CrowdStrike achieved 99% detection coverage in the inaugural MITRE ATT&CK Evaluations for Security […] ★★★
CrowdStrike.webp 2022-10-25 07:31:05 CrowdStrike Falcon Platform Achieves 100% Ransomware Prevention with Zero False Positives, Wins AAA Enterprise Advanced Security Award from SE Labs (lien direct) The CrowdStrike Falcon® platform achieved 100% protection accuracy and 100% legitimacy accuracy with zero false positives, winning SE Labs' first-ever endpoint detection and response (EDR) ransomware detection and protection test The Falcon platform detected and blocked 100% of ransomware files during testing, which involved both direct attacks with 270 ransomware variations and deep attack tactics, […] Ransomware
CrowdStrike.webp 2022-10-21 20:30:49 CrowdStrike Advances to Research Partner with MITRE Engenuity Center for Threat-Informed Defense to Help Lead the Future of Cyber Defense (lien direct) CrowdStrike is deepening its commitment to advancing the security ecosystem leading the future of protection by becoming a top-tier partner in the MITRE Center for Threat-Informed Defense research program. CrowdStrike's adversary-centric approach and technology leadership can help change the game on adversaries, turning state-of-the-art threat defense into a state of practice. CrowdStrike is now a […] Threat Guideline
CrowdStrike.webp 2022-10-21 11:21:13 Playing Hide-and-Seek with Ransomware, Part 2 (lien direct) In Part 1, we explained what Intel SGX enclaves are and how they benefit ransomware authors. In Part 2, we explore a hypothetical step-by-step implementation and outline the limitations of this method. Watch this live attack demo to see how the CrowdStrike Falcon® platform and the CrowdStrike Falcon Complete™ managed detection and response team protect […] Ransomware
CrowdStrike.webp 2022-10-20 08:33:08 CrowdStrike and Google Chrome: Building an Integrated Ecosystem to Secure Your Enterprise Using the Power of Log Management (lien direct) Organizations today face an onslaught of attacks across devices, identity and cloud workloads. The more security telemetry an organization has to work with, the better threat hunters can contextualize events to find and remediate potential threats. Google recently announced Chrome Enterprise Connectors Framework, a collection of plug-and-play integrations with industry-leading security solution providers. The framework […] Threat Guideline
CrowdStrike.webp 2022-10-19 20:22:29 CrowdStrike\'s Cloud Security and Observability Capabilities to Be Showcased at KubeCon + CloudNativeCon North America 2022 (lien direct) KubeCon + CloudNativeCon North America 2022 is happening next week, and we're excited to showcase our industry leading cloud-native application protection platform (CNAPP) capabilities and observability technology. The conference, Oct. 24-28 in Detroit, will gather adopters, technologists and developers from leading open-source and cloud-native communities around the globe.    CrowdStrike CNAPP Capabilities on Display The CrowdStrike […] Guideline
CrowdStrike.webp 2022-10-18 19:49:21 Why Your Small Business Needs to Rethink Its Cybersecurity Strategy (lien direct) Cybercrime is a big problem for small businesses, and the risk of advanced threats continues to grow. This Cybersecurity Awareness Month, learn how to protect your SMB or nonprofit from attacks that threaten the business.  The cybersecurity threat to small- and medium-sized businesses (SMBs) continues to grow as cybercriminals recognize how vulnerable they can be, […] Threat
CrowdStrike.webp 2022-10-18 17:02:37 Do You Know Who's in Your Cloud? Preventing Identity-Based Threats with CIEM (lien direct) As organizations continue to shift to multi-cloud environments and increasingly use cloud services for application development, new challenges emerge that require dramatic changes in the delivery and practice of cybersecurity. Notably, Gartner predicts that inadequate management of identities, access and privileges will cause 75% of cloud security failures by 2023. Though public cloud service providers […]
CrowdStrike.webp 2022-10-14 13:31:07 The Anatomy of Wiper Malware, Part 4: Less Common “Helper” Techniques (lien direct) This is the fourth blog post in a four-part series. Read Part 1 | Part 2 | Part 3. In Part 3, CrowdStrike’s Endpoint Protection Content Research Team covered the finer points of Input/Output Control (IOCTL) usage by various wipers. The fourth and final part of the wiper series covers some of the rarely used […]
CrowdStrike.webp 2022-10-13 20:48:10 October 2022 Patch Tuesday: 13 Critical CVEs, One Actively Exploited Bug, ProxyNotShell Still Unpatched (lien direct) Microsoft has released 84 security patches for its October 2022 Patch Tuesday rollout. Of these, 13 vulnerabilities are rated Critical, while the remaining 71 are rated Important. It should be noted that this month's patching update does not include patches for ProxyNotShell, despite the active exploitation of two related vulnerabilities; CrowdStrike offers recommendations on mitigation […] Patching
CrowdStrike.webp 2022-10-13 13:14:34 CrowdStrike Partners with MITRE CTID to Identify Adversaries Using Cloud Analytics (lien direct) Fourteen key cloud analytics for Azure and GCP cloud environments were identified and mapped as indicative of adversary behavior and serve as a blueprint for understanding and writing new cloud analytics. The CrowdStrike Falcon® platform delivers a powerful combination of agentless capabilities to protect against misconfigurations and control plane attacks, along with agent-based runtime security […]
CrowdStrike.webp 2022-09-14 08:00:00 Coming Soon to Las Vegas: Fal.Con 2022 Event Highlights and Special Guests (lien direct) The countdown continues! As Fal.Con 2022 quickly approaches, we're excited to share more information about the security industry visionaries and notable talks on the agenda for the sixth annual CrowdStrike conference for customers and cybersecurity professionals.  IT and security practitioners must stay a step ahead of adversaries who are constantly evolving their tactics, techniques and […]
CrowdStrike.webp 2022-09-13 20:56:40 2022 Threat Hunting Report: Falcon OverWatch Looks Back to Prepare Defenders for Tomorrow's Adversaries (lien direct) Another turbulent year for cybersecurity finds itself right at home alongside global economic headwinds and geopolitical tensions. This year has been defined by rampant affiliate activity, a seemingly endless stream of new vulnerabilities and exploits, and the widespread abuse of valid credentials. These circumstances have conspired to drive a 50% increase in interactive intrusion activity […] Threat
Last update at: 2024-07-29 00:18:42