What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-05-20 09:02:24 | Mirai Malware Variants for Linux Double Down on Stronger Chips in Q1 2022 (lien direct) | According to CrowdStrike research, Mirai malware variants compiled for Intel-powered Linux systems double (101%) in Q1 2022 compared to Q1 2021 Mirai malware variants that targeted 32-bit x86 processors increased the most (120% in Q1 2022 vs. Q1 2021) Mirai malware is used to compromise internet-connected devices, amass them into botnets and use their collective […] | Malware | ||
|
2022-05-19 17:26:41 | CrowdStrike Cloud Security Extends to New Red Hat Enterprise Linux Versions (lien direct) | As organizations increasingly move to hybrid cloud environments to increase agility, scale and competitive advantage, adversaries are correspondingly looking to exploit these environments. According to the CrowdStrike 2022 Global Threat Report, cloud-based services are “increasingly abused by malicious actors in the course of computer network operations (CNO), a trend that is likely to continue in […] | Threat | ||
|
2022-05-16 14:53:23 | CrowdStrike Named an Overall Leader in 2022 KuppingerCole Leadership Compass for EPDR Market (lien direct) | CrowdStrike is proud to announce its recognition as an Overall Leader with the highest rating in the 2022 KuppingerCole Leadership Compass for vendors in the Endpoint Protection, Detection & Response (EPDR) market. The Overall Leadership ranking provides a combined view of ratings across Product, Innovation and Market Leadership categories. Our acknowledgement as an Overall Leader […] | Guideline | ||
|
2022-05-13 08:52:13 | Follow the Money: How eCriminals Monetize Ransomware (lien direct) | The transaction details and monetization patterns of modern eCrime reveal critical insights for organizations defending against ransomware attacks. Cybercrime has evolved over the past several years from simple “spray and pray” attacks to a sophisticated criminal ecosystem centered around highly effective monetization techniques that enable adversaries to maximize success and profitability. Monetization is the step […] | Ransomware | ||
|
2022-05-13 08:34:54 | Denise Stemen, CrowdStrike Director of Customer Crisis Strategy and Response, on Bringing Inclusivity to Life (lien direct) | If you're a CrowdStrike client or partner working with Denise Stemen, our new Director of Customer Crisis Strategy and Response, know that you're in good hands. After 22 years in the Federal Bureau of Investigation (FBI) - plus 10 years before that teaching in public schools - Denise knows how to bring calm and order […] | |||
|
2022-05-12 16:43:58 | CrowdStrike Falcon Pro for Mac Achieves Highest Score in AV-TEST MacOS Evaluation for Business Users (March 2022) (lien direct) | CrowdStrike Falcon® achieves the maximum score of 18 points in the first 2022 AV-TEST MacOS evaluation for business users AV-TEST is an independent research institute for IT security that performs quality-assuring comparison and tests for security products Falcon demonstrates excellent protection, performance and visibility against MacOS threats, with zero false alarms, using the power of […] | ★★ | ||
|
2022-05-12 13:09:11 | One engineer. One day. One petabyte of log data. (lien direct) | This blog was originally published March 8, 2022 on humio.com. Humio is a CrowdStrike Company. Humio recently unveiled the results of its latest benchmark, where the log management platform achieved a new benchmark of 1 petabyte (PB) of streaming log ingestion per day. This benchmark showcases the power of Humio and its ability to scale with […] | ★★★ | ||
|
2022-05-12 11:15:30 | May 2022 Patch Tuesday: Six Critical CVEs Fixed and a Windows Vulnerability Actively Exploited (lien direct) | Microsoft has released 73 security patches for its May Patch Tuesday rollout. One of the 73 CVEs addressed, Windows LSA Spoofing Vulnerability CVE-2022-26925, is ranked as Important and is under active exploitation. In this blog, the CrowdStrike Falcon Spotlight™ team offers an analysis on this monthâs vulnerabilities, highlighting those that are most severe and recommending […] | Vulnerability | ★★★★ | |
|
2022-05-11 05:39:00 | Proactive Threat Hunting Bears Fruit: Falcon OverWatch Detects Novel IceApple Post-Exploitation Framework (lien direct) | The CrowdStrike Falcon OverWatch™ proactive threat hunting team has uncovered a sophisticated .NET-based post-exploitation framework, dubbed IceApple. Since OverWatchâs first detection in late 2021, the framework has been observed in multiple victim environments in geographically distinct locations, with intrusions spanning the technology, academic and government sectors. The emergence of new and evolving IceApple modules over […] | Threat | ★★★ | |
|
2022-05-10 14:34:32 | CrowdStrike Partners with Center for Threat-Informed Defense to Reveal Top Attack Techniques Defenders Should Prioritize (lien direct) | CrowdStrike is a Research Sponsor and contributor for the new Top ATT&CK Techniques project â an initiative of the Center for Threat-Informed Defense, a non-profit, privately funded research and development organization operated by MITRE Engenuity â to provide prioritization for adversary attack techniques The Center for Threat-Informed Defense will introduce three critical new components to […] | ★★ | ||
|
2022-05-10 12:17:59 | Humio Sets the Standard for Data Ingestion with Scalability Benchmark Streaming over One Petabyte of Data per Day (lien direct) | This blog was originally published March 8, 2022 on humio.com. Humio is a CrowdStrike Company. Humio is excited to achieve another milestone in data ingestion by reaching a benchmark of over one petabyte of data ingestion per day. The Humio engineering team completed a one petabyte benchmark on only 45 nodes with 96 cores each, running […] | ★★ | ||
|
2022-05-06 06:43:27 | macOS Malware Is More Reality Than Myth: Popular Threats and Challenges in Analysis (lien direct) | Ransomware (43% of analyzed threat data), backdoors (35%) and trojans (17%) were the most popular macOS malware categories spotted by CrowdStrike researchers in 2021 OSX.EvilQuest (ransomware), OSX.FlashBack (backdoor) and OSX.Lador (trojan) were the most prevalent threats in their respective categories To strengthen customer protection, CrowdStrike researchers continuously build better automated detection capabilities by analyzing and […] | Ransomware Malware Threat | ★★★ | |
|
2022-05-05 11:48:27 | Start Logging Everything: Humio Community Edition Series (lien direct) | This blog was originally published January 24, 2022 on humio.com. Humio is a CrowdStrike Company. In this blog, weâll show you, step by step, how to download stock data and then upload it to Humio. You can then search that data and build a dashboard for fast insights. Subsequent blog posts will expand on this […] | |||
|
2022-05-05 11:22:42 | How Senior Manager for Learning and Talent Lowell Doringo Helps CrowdStrikers Excel (lien direct) | CrowdStrike employees may be at the very forefront of their respective fields, but it takes a culture of constant learning and development to maintain their edge. Here to talk about how he helps develop programs to build and enhance skills of all types is CrowdStrike Senior Manager for Learning and Talent Lowell Doringo. Q. Tell […] | |||
|
2022-05-05 06:45:56 | How Falcon OverWatch Spots Destructive Threats in MITRE Adversary Emulation (lien direct) | In the recent ââMITRE Engenuity ATT&CK Enterprise Evaluation, CrowdStrike demonstrated the power of its unified platform approach to stopping breaches. Facing attack emulations from the highly sophisticated WIZARD SPIDER and VOODOO BEAR (Sandworm Team) adversaries, the CrowdStrike Falcon® platform: Achieved 100% automated prevention across all of the MITRE Engenuity ATT&CK Enterprise Evaluation steps. Demonstrated powerful […] | |||
|
2022-05-04 05:45:48 | Compromised Docker Honeypots Used for Pro-Ukrainian DoS Attack (lien direct) | Container and cloud-based resources are being abused to deploy disruptive tools. The use of compromised infrastructure has far-reaching consequences for organizations who may unwittingly be participating in hostile activity against Russian government, military and civilian targets. Docker Engine honeypots were compromised to execute two different Docker images targeting Russian, Belarusian and Lithuanian websites in a […] | |||
|
2022-05-03 19:57:44 | VP of Humio Marketing Cinthia Portugal on the Role of Marketing in Achieving the CrowdStrike Mission (lien direct) | At CrowdStrike, we often say that every team and every person plays a role in helping our company achieve our mission to stop breaches. VP of Humio Marketing Cinthia Portugal is no exception. In this latest installment in our 5 Questions series, Cinthia sits down to talk about her leadership role and how her team […] | Guideline | ||
|
2022-05-03 08:37:30 | CVE-2022-23648: Kubernetes Container Escape Using Containerd CRI Plugin and Mitigation (lien direct) | CVE-2022-23648, reported by Googleâs Project Zero in November 2021, is a Kubernetes runtime vulnerability found in Containerd, a popular Kubernetes runtime. It lies in Containerdâs CRI plugin that handles OCI image specs containing âVolumes.â The attacker can add Volume containing path traversal to the image and use it to copy arbitrary files from the host […] | Vulnerability | Uber | |
|
2022-04-28 08:12:34 | Falcon Fusion Accelerates Orchestrated and Automated Response Time (lien direct) | CrowdStrike Falcon Fusion automates and accelerates incident response by orchestrating sandbox detonations to automatically analyze related malware samples and enrich the results with industry-leading threat insights Falcon Fusion enables analysts to build real-time active response and notification capabilities with customized triggers based on detection and incident disposition The CrowdStrike Falcon® platform leverages critical context, visibility […] | Malware Threat Guideline | ||
|
2022-04-27 06:30:19 | CrowdStrike Delivers Adversary-Focused, Platform Approach to CNAPP and Cloud Security (lien direct) | CrowdStrike Falcon® delivers comprehensive cloud security, combining agent-based and agentless protection in a single, unified platform experience Integrated threat intelligence delivers a powerful, adversary-focused approach to stopping cloud breaches Cloud-based services have revolutionized business processes and emerged as the backbone of the modern enterprise. According to analyst firm Gartner®, âmore than 85% of organizations will […] | Threat | ||
|
2022-04-22 12:37:02 | UX Writer Michelle Handelman on Giving Customers the Information They Need to Succeed (lien direct) | When you get an error message on a website or app, do you wonder where it comes from? In most cases, a person writes every bit of copy in apps, websites, notifications, alerts and more. At CrowdStrike, that person may be UX Writer Michelle Handelman. Here we sit down with Michelle to discuss her role, […] | |||
|
2022-04-22 08:30:52 | Navigating the Five Stages of Grief During a Breach (lien direct) | Every security professional dreads âThe Phone Call.â The one at 2 a.m. where the tired voice of a security analyst on the other end of the line shares information that is soon drowned out by your heart thumping in your ears. Your mind races. There are so many things to do, so many people to […] | |||
|
2022-04-21 08:23:55 | LemonDuck Targets Docker for Cryptomining Operations (lien direct) | LemonDuck, a well-known cryptomining botnet, is targeting Docker to mine cryptocurrency on Linux systems. This campaign is currently active. It runs an anonymous mining operation by the use of proxy pools, which hide the wallet addresses. It evades detection by targeting Alibaba Cloudâs monitoring service and disabling it. CrowdStrike customers are protected from this threat […] | Threat | ||
|
2022-04-20 12:42:51 | CrowdStrike Falcon Spotlight Fuses Endpoint Data with CISA\'s Known Exploited Vulnerabilities Catalog (lien direct) | In this blog you will: Learn how to leverage the CrowdStrike Falcon Spotlight™ integrated threat and vulnerability management module to fuse your endpoint telemetry with CISA’s Known Exploited Vulnerabilities Catalog Learn how to use the CrowdStrike Falcon® console to further investigate and take action The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency […] | Vulnerability Threat | ||
|
2022-04-19 12:33:33 | Security Doesnât Stop at the First Alert: Falcon X Threat Intelligence Offers New Context in MITRE ATT&CK Evaluation (lien direct) | The CrowdStrike Falcon® platform delivers 100% prevention across all nine steps in the MITRE Engenuity ATT&CK® Enterprise Evaluation CrowdStrike extends endpoint and workload protection by fully integrating threat intelligence into the Falcon platform â CrowdStrike Falcon X™ enables CrowdStrike users to pivot seamlessly from detections to the latest intelligence on todayâs adversaries, including their motivation […] | Threat | ||
|
2022-04-15 13:32:04 | Engineer Rotem Bar On on Solving Big Challenges with Autonomy in Cybersecurity (lien direct) | Our latest installment of 5 Questions takes us to Tel Aviv, where we sit down with Rotem Bar On to discuss his role on the cloud infrastructure team, what he loves about his job and how he is helping CrowdStrike build a scalable, future-proof system. Q. What is your role and what drew you to […] | |||
|
2022-04-13 12:36:07 | XDR: A New Vision for InfoSecâs Ongoing Problems (lien direct) | Let’s face it. The information security industry loves a new acronym. For industry long-timers, a new acronym might be just the latest reason for an eye roll. For folks new to the field, it can be very confusing. A constructive way to look at XDR â extended detection and response â is as an opportunity […] | |||
|
2022-04-08 16:06:10 | How Human Intelligence Is Supercharging CrowdStrike\'s Artificial Intelligence (lien direct) | The CrowdStrike Security Cloud processes over a trillion events from endpoint sensors per day, but human professionals play a vital role in providing structure and ground truth for artificial intelligence (AI) to be effective. Without human professionals, AI is useless. There is a new trope in the security industry, and it goes something like this: […] | |||
|
2022-04-08 13:21:44 | CrowdStrikeâs First Employee and Pride ERG Executive Sponsor Hyacinth Diehl on International Transgender Day of Visibility (lien direct) | When Hyacinth Diehl (pronouns: he/they/she – mix it up!) joined CrowdStrike as the first employee in 2011, identity was top of mind. For one thing, they selected the title Tool-Using Mammal after learning from past experience that having a title like Chief Architect or Senior Engineer could be limiting. âPeople will put you in a […] | |||
|
2022-04-07 20:16:40 | How to Create Custom Cloud Security Posture Policies (lien direct) | Introduction Falcon Horizon, CrowdStrikeâs Cloud Security Posture Management solution, uses configuration and behavioral policies to monitor public cloud deployments, proactively identify issues and resolve potential security problems. However, customers are not limited to predefined policies. This article will review the different options for creating custom cloud security posture management policies in Falcon Horizon. Video ï"¿ […] | |||
|
2022-04-07 09:12:13 | Falcon Platform Identity Protection Shuts Down MITRE ATT&CK Adversaries (lien direct) | âWe were asked to disable identity protection capabilities to let the testing proceed â and still achieved 100% prevention.â The weeks following the release of the MITRE Engenuity ATT&CK Evaluation can be confusing when trying to interpret the results and cut through the noise. But one thing is crystal clear in this yearâs evaluation that […] | |||
|
2022-04-06 08:47:07 | CrowdStrike âDominatesâ in Endpoint Detection and Response (lien direct) | âCrowdStrike dominates in EDR while building its future in XDR and Zero Trust.â â The Forrester Wave™: Endpoint Detection and Response Providers, Q2 2022 We are excited that Forrester has named CrowdStrike a âLeaderâ in The Forrester Wave™: Endpoint Detection and Response (EDR) Providers, Q2 2022 and recognized us as dominating in EDR while building […] | Guideline | ||
|
2022-04-04 21:12:29 | Runtime Protection: The Secret Weapon for Stopping Breaches in the Cloud (lien direct) | Mistakes are easy to make, but in the world of cloud computing, they arenât always easy to find and remediate without help. Cloud misconfigurations are frequently cited as the most common causes of breaches in the cloud. According to a 2021 survey from VMware and the Cloud Security Alliance, one in six surveyed companies experienced […] | |||
|
2022-04-01 13:00:29 | BERT Embeddings: A Modern Machine-learning Approach for Detecting Malware from Command Lines (Part 2 of 2) (lien direct) | A novel methodology, BERT embedding, enables large-scale machine learning model training for detecting malware It reduces dependency on human threat analyst involvement in training machine learning models Bidirectional Encoder Representation from Transformers (BERT) embeddings enable performant results in model training CrowdStrike researchers constantly explore novel approaches to improve the automated detection and protection capabilities of […] | Malware Threat | ||
|
2022-03-31 15:41:48 | CrowdStrike Achieves 100% Prevention in Recent MITRE Engenuity ATT&CK Evaluation Emulating Russia-based Threat Groups (lien direct) | âWe were asked to disable identity protection capabilities to let the testing proceed â and still achieved 100% prevention.â The CrowdStrike Falcon® platform delivers 100% prevention across all nine steps in the MITRE Engenuity ATT&CK® Enterprise Evaluation The Falcon platform delivers comprehensive visibility and actionable alerts, scoring visibility on 96% of substeps in the ATT&CK […] | Threat | ||
|
2022-03-31 08:54:15 | Celebrating Transgender Day of Visibility as an Out and Proud Trans Man. (lien direct) | Transgender Day of Visibility is a day dedicated to recognizing the resilience and accomplishments of the transgender community. This day means showing up and being visible, especially for those who cannot. I am an out and proud Trans man, and I am visible because I know many cannot for fear of their physical security, work […] | |||
|
2022-03-31 08:43:09 | Cloudy with a Chance of Unclear Mailbox Sync: CrowdStrike Services Identifies Logging Inconsistencies in Microsoft 365 (lien direct) | Multiple investigations and testing by the CrowdStrike Services team identified inconsistencies in Azure AD sign-in logs that incorrectly showed successful logins via Internet Mail Access Protocol (IMAP) despite it being blocked. Investigators rely on these logs to determine threat actor activity in investigations that often involve legal and regulatory consequences for organizations. This blog includes […] | Threat | ||
|
2022-03-30 08:00:45 | Who is EMBER BEAR? (lien direct) | 4/4/22 Editorâs note: The hearing described below has been rescheduled for 10 a.m. EST on Tuesday, April 5. On Wednesday, March 30, 2022, Adam Meyers, CrowdStrike Senior Vice President of Intelligence, will testify in front of CHS (House Committee on Homeland Security) on Russian cyber threats to critical infrastructure. Within his testimony, Adam will speak […] | |||
|
2022-03-29 13:41:43 | Maintaining Security Consistency from Endpoint to Workload and Everywhere in Between (lien direct) | In todayâs fast-paced world, mobility, connectivity and data access are essential. As organizations grow and add more workloads, containers, distributed endpoints and different security solutions to protect them, security can quickly become complex. Modern attacks and adversary tradecraft target vulnerable areas to achieve their objectives. Threats can originate at the endpoint to attack the cloud, […] | |||
|
2022-03-28 08:25:31 | CrowdStrike Named a Leader in The Forrester Wave™: Cybersecurity Incident Response Services, Q1 2022 (lien direct) | CrowdStrike has been recognized as a Leader in the Forrester Wave™ for Cybersecurity Incident Response Services. When it comes to incident response (IR), time is of the essence. The longer it takes to detect threat activity, investigate an incident and remediate systems across highly distributed environments, the deeper into the threat lifecycle the adversary gets. […] | Threat Guideline | ||
|
2022-03-23 09:10:03 | Falcon OverWatch Threat Hunting Contributes to Seamless Protection Against Novel BlackCat Attack (lien direct) | In an effort to stay ahead of improvements in automated detections and preventions, adversary groups continually look to new tactics, techniques and procedures (TTPs), and new tooling to progress their mission objectives. One group â known as BlackCat/ALPHV â has taken the sophisticated approach of developing their tooling from the ground up, using newer, more […] | Threat | ||
|
2022-03-23 09:05:00 | CrowdStrike Named a Strong Performer in 2022 Forrester Wave for Cloud Workload Security (lien direct) | âIn its current CWS offering, the vendor has great CSPM capabilities for Azure, including detecting overprivileged admins and enforcing storage least privilege and encryption, virtual machine, and network policy controls.â â The Forrester Wave™:Â Cloud Workload Security, Q1 2022Â Â CrowdStrike is excited to announce we have been named a âStrong Performerâ in The Forrester Wave:™ […] | |||
|
2022-03-21 08:39:23 | Your Current Endpoint Security May Be Leaving You with Blind Spots (lien direct) | Threat actors are continuously honing their skills to find new ways to penetrate networks, disrupt business-critical systems and steal confidential data. In the early days of the internet, adversaries used file-based malware to carry out attacks, and it was relatively easy to stop them with signature-based defenses. Modern threat actors have a much wider variety […] | Malware Threat | ||
|
2022-03-17 05:15:09 | CrowdStrike and Cloudflare Expand Zero Trust from Devices and Identities to Applications (lien direct) | Threat actors continue to exploit users, devices and applications, especially as more of them exist outside of the traditional corporate perimeter. With employees consistently working remotely, adversaries are taking advantage of distributed workforces and the poor visibility and control that legacy security tools provide. Traditional tools that connect employees to corporate applications like VPNs and […] | Threat | ★★★★ | |
|
2022-03-15 13:30:18 | Meet the Channel Chief: Michael Rogers Shares How CrowdStrike Is Driving Growth for Partners (lien direct) | CrowdStrike last week announced Michael Rogers was promoted to vice president of global business development, channel and alliances. His appointment comes after years of driving growth in CrowdStrikeâs channel program and a career built working with partners across the security industry. Rogers takes on this role after a tremendous year for CrowdStrikeâs partner ecosystem: For […] | |||
|
2022-03-15 12:19:11 | (Déjà vu) cr8escape: New Vulnerability in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) (lien direct) | CrowdStrike cloud security researchers discovered a new vulnerability (dubbed âcr8escapeâ and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerability to Kubernetes, which worked with CRI-O to issue a patch that was released today. It is recommended that CRI-O users patch immediately. CrowdStrike customers are protected from this threat by the […] | Vulnerability Threat | Uber | |
|
2022-03-15 12:19:11 | cr8escape: Zero-day in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) (lien direct) | CrowdStrike cloud security researchers discovered a zero-day vulnerability (dubbed âcr8escapeâ and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerability to Kubernetes, which worked with CRI-O to issue a patch that was released today. It is recommended that CRI-O users patch immediately. CrowdStrike customers are protected from this threat by the […] | Vulnerability Threat | Uber | |
|
2022-03-14 20:40:03 | Falcon OverWatch Threat Hunting Uncovers Ongoing NIGHT SPIDER Zloader Campaign (lien direct) | Over recent months, the CrowdStrike Falcon OverWatch™ team has tracked an ongoing, widespread intrusion campaign leveraging bundled .msi installers to trick victims into downloading malicious payloads alongside legitimate software. These payloads and scripts were used to perform reconnaissance and ultimately download and execute NIGHT SPIDER’s Zloader trojan, as detailed in CrowdStrike Falcon X™ Premium reporting. […] | Threat | ||
|
2022-03-11 17:26:58 | Empower Your SOC with New Applications in the CrowdStrike Store (lien direct) | With chaos seemingly surrounding us in security, it can be hard to cut through the noise. How do you detect and prioritize evolving threats and what tools should you use to address them? With new attacks and vulnerabilities on the rise, combined with ineffective security tools and the industryâs ongoing skill shortage, security operations center […] | |||
|
2022-03-10 20:58:14 | Buying IAM and Identity Security from the Same Vendor? Think Again. (lien direct) | With the growing risk of identity-driven breaches, as seen in recent ransomware and supply chain attacks, businesses are starting to appreciate the need for identity security. As they assess how best to strengthen identity protection, there is often an urge to settle for security features or modules included in enterprise bundles from the same vendor […] | Ransomware |
To see everything:
Our RSS (filtrered)
