What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-04-27 06:30:19 | CrowdStrike Delivers Adversary-Focused, Platform Approach to CNAPP and Cloud Security (lien direct) | CrowdStrike Falcon® delivers comprehensive cloud security, combining agent-based and agentless protection in a single, unified platform experience Integrated threat intelligence delivers a powerful, adversary-focused approach to stopping cloud breaches Cloud-based services have revolutionized business processes and emerged as the backbone of the modern enterprise. According to analyst firm Gartner®, âmore than 85% of organizations will […] | Threat | ||
|
2022-04-21 08:23:55 | LemonDuck Targets Docker for Cryptomining Operations (lien direct) | LemonDuck, a well-known cryptomining botnet, is targeting Docker to mine cryptocurrency on Linux systems. This campaign is currently active. It runs an anonymous mining operation by the use of proxy pools, which hide the wallet addresses. It evades detection by targeting Alibaba Cloudâs monitoring service and disabling it. CrowdStrike customers are protected from this threat […] | Threat | ||
|
2022-04-20 12:42:51 | CrowdStrike Falcon Spotlight Fuses Endpoint Data with CISA\'s Known Exploited Vulnerabilities Catalog (lien direct) | In this blog you will: Learn how to leverage the CrowdStrike Falcon Spotlight™ integrated threat and vulnerability management module to fuse your endpoint telemetry with CISA’s Known Exploited Vulnerabilities Catalog Learn how to use the CrowdStrike Falcon® console to further investigate and take action The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency […] | Vulnerability Threat | ||
|
2022-04-19 12:33:33 | Security Doesnât Stop at the First Alert: Falcon X Threat Intelligence Offers New Context in MITRE ATT&CK Evaluation (lien direct) | The CrowdStrike Falcon® platform delivers 100% prevention across all nine steps in the MITRE Engenuity ATT&CK® Enterprise Evaluation CrowdStrike extends endpoint and workload protection by fully integrating threat intelligence into the Falcon platform â CrowdStrike Falcon X™ enables CrowdStrike users to pivot seamlessly from detections to the latest intelligence on todayâs adversaries, including their motivation […] | Threat | ||
|
2022-04-01 13:00:29 | BERT Embeddings: A Modern Machine-learning Approach for Detecting Malware from Command Lines (Part 2 of 2) (lien direct) | A novel methodology, BERT embedding, enables large-scale machine learning model training for detecting malware It reduces dependency on human threat analyst involvement in training machine learning models Bidirectional Encoder Representation from Transformers (BERT) embeddings enable performant results in model training CrowdStrike researchers constantly explore novel approaches to improve the automated detection and protection capabilities of […] | Malware Threat | ||
|
2022-03-31 15:41:48 | CrowdStrike Achieves 100% Prevention in Recent MITRE Engenuity ATT&CK Evaluation Emulating Russia-based Threat Groups (lien direct) | âWe were asked to disable identity protection capabilities to let the testing proceed â and still achieved 100% prevention.â The CrowdStrike Falcon® platform delivers 100% prevention across all nine steps in the MITRE Engenuity ATT&CK® Enterprise Evaluation The Falcon platform delivers comprehensive visibility and actionable alerts, scoring visibility on 96% of substeps in the ATT&CK […] | Threat | ||
|
2022-03-31 08:43:09 | Cloudy with a Chance of Unclear Mailbox Sync: CrowdStrike Services Identifies Logging Inconsistencies in Microsoft 365 (lien direct) | Multiple investigations and testing by the CrowdStrike Services team identified inconsistencies in Azure AD sign-in logs that incorrectly showed successful logins via Internet Mail Access Protocol (IMAP) despite it being blocked. Investigators rely on these logs to determine threat actor activity in investigations that often involve legal and regulatory consequences for organizations. This blog includes […] | Threat | ||
|
2022-03-28 08:25:31 | CrowdStrike Named a Leader in The Forrester Wave™: Cybersecurity Incident Response Services, Q1 2022 (lien direct) | CrowdStrike has been recognized as a Leader in the Forrester Wave™ for Cybersecurity Incident Response Services. When it comes to incident response (IR), time is of the essence. The longer it takes to detect threat activity, investigate an incident and remediate systems across highly distributed environments, the deeper into the threat lifecycle the adversary gets. […] | Threat Guideline | ||
|
2022-03-23 09:10:03 | Falcon OverWatch Threat Hunting Contributes to Seamless Protection Against Novel BlackCat Attack (lien direct) | In an effort to stay ahead of improvements in automated detections and preventions, adversary groups continually look to new tactics, techniques and procedures (TTPs), and new tooling to progress their mission objectives. One group â known as BlackCat/ALPHV â has taken the sophisticated approach of developing their tooling from the ground up, using newer, more […] | Threat | ||
|
2022-03-21 08:39:23 | Your Current Endpoint Security May Be Leaving You with Blind Spots (lien direct) | Threat actors are continuously honing their skills to find new ways to penetrate networks, disrupt business-critical systems and steal confidential data. In the early days of the internet, adversaries used file-based malware to carry out attacks, and it was relatively easy to stop them with signature-based defenses. Modern threat actors have a much wider variety […] | Malware Threat | ||
|
2022-03-17 05:15:09 | CrowdStrike and Cloudflare Expand Zero Trust from Devices and Identities to Applications (lien direct) | Threat actors continue to exploit users, devices and applications, especially as more of them exist outside of the traditional corporate perimeter. With employees consistently working remotely, adversaries are taking advantage of distributed workforces and the poor visibility and control that legacy security tools provide. Traditional tools that connect employees to corporate applications like VPNs and […] | Threat | ★★★★ | |
|
2022-03-15 12:19:11 | (Déjà vu) cr8escape: New Vulnerability in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) (lien direct) | CrowdStrike cloud security researchers discovered a new vulnerability (dubbed âcr8escapeâ and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerability to Kubernetes, which worked with CRI-O to issue a patch that was released today. It is recommended that CRI-O users patch immediately. CrowdStrike customers are protected from this threat by the […] | Vulnerability Threat | Uber | |
|
2022-03-15 12:19:11 | cr8escape: Zero-day in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) (lien direct) | CrowdStrike cloud security researchers discovered a zero-day vulnerability (dubbed âcr8escapeâ and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerability to Kubernetes, which worked with CRI-O to issue a patch that was released today. It is recommended that CRI-O users patch immediately. CrowdStrike customers are protected from this threat by the […] | Vulnerability Threat | Uber | |
|
2022-03-14 20:40:03 | Falcon OverWatch Threat Hunting Uncovers Ongoing NIGHT SPIDER Zloader Campaign (lien direct) | Over recent months, the CrowdStrike Falcon OverWatch™ team has tracked an ongoing, widespread intrusion campaign leveraging bundled .msi installers to trick victims into downloading malicious payloads alongside legitimate software. These payloads and scripts were used to perform reconnaissance and ultimately download and execute NIGHT SPIDER’s Zloader trojan, as detailed in CrowdStrike Falcon X™ Premium reporting. […] | Threat | ||
|
2022-03-07 09:55:04 | The Easy Solution for Stopping Modern Attacks (lien direct) | Modern cyberattacks are multifaceted, leveraging different tools and techniques and targeting multiple entry points. As noted in the CrowdStrike 2022 Global Threat Report, 62% of modern attacks do not use traditional malware and 80% of attacks use identity-based techniques, meaning that attacks target not only endpoints, but also cloud and identity layers with techniques that […] | Malware Threat | ||
|
2022-03-03 16:06:41 | CrowdStrike Falcon Enhances Fileless Attack Detection with Accelerated Memory Scanning Feature (lien direct) | CrowdStrike introduces memory scanning into the CrowdStrike Falcon® sensor for Windows to enhance existing visibility and detection of fileless threats The Falcon sensor integrates Intel threat detection technology to perform accelerated memory scanning for malicious byte patterns Memory scanning is optimized for performance on Intel CPUs, including high-performance operation, by offloading the operation to an […] | Threat | ||
|
2022-03-02 12:40:17 | Reinventing Managed Detection and Response (MDR) with Identity Threat Protection (lien direct) | The modern threat landscape continues to evolve with an increase in attacks leveraging compromised credentials. An attacker with compromised credentials too frequently has free reign to move about an organization and carefully plan their attack before they strike. This week Falcon Complete™, CrowdStrikeâs leading managed detection and response (MDR) service, announced a new managed service […] | Threat Guideline | ★★★★ | |
|
2022-02-25 14:42:54 | Nowhere to Hide: Detecting a Vishing Intrusion at a Retail Company (lien direct) | The CrowdStrike Falcon OverWatch™ 2021 Threat Hunting Report details the interactive intrusion activity observed by hunters from July 2020 to June 2021. While the report brings to light some of the new and innovative ways threat actors are gaining access into victim organizationâs networks, social engineering remains a tried and true method of gaining access […] | Threat | ||
|
2022-02-24 12:54:27 | Modernize Your Security Stack with the Falcon Platform (lien direct) | The job for CIOs, CISOs and their security and IT teams may be more complex than ever in 2022. Ongoing support for hybrid workforces, coupled with the continued shift to the cloud, has expanded the threat surface. At the same time, the infrastructure and environments supporting organizations are growing ever more vulnerable. According to the […] | Threat | ||
|
2022-02-23 13:31:21 | CrowdStrike Automates Vulnerability Remediation Processes While Enhancing SecOps Visibility (lien direct) | Adversaries are becoming more adept and sophisticated in their attacks. Taking advantage of vulnerabilities present in major software is often an attractive entry point for establishing a campaign within an enterprise environment. The CrowdStrike 2022 Global Threat Report highlights how adversaries continue to shift tradecraft and weaponize vulnerabilities to evade detection and gain access to […] | Vulnerability Threat | ||
|
2022-02-23 05:36:44 | Access Brokers: Who Are the Targets, and What Are They Worth? (lien direct) | Access brokers have become a key component of the eCrime threat landscape, selling access to threat actors and facilitating myriad criminal activities. Many have established relationships with big game hunting (BGH) ransomware operators and affiliates of prolific ransomware-as-a-Service (RaaS) programs. The CrowdStrike Intelligence team analyzed the multitude of access brokersâ advertisements posted since 2019 and […] | Ransomware Threat | ||
|
2022-02-17 13:46:22 | CrowdStrike Partners with MITRE CTID, Reveals Real-world Insider Threat Techniques (lien direct) | Remote working has exposed companies to greater levels of insider risk, which can result in data exfiltration, fraud and confidential information leakage CrowdStrike is a founding sponsor and lead contributor to the new MITRE Insider Threat Knowledge Base, continuing its industry leadership in protecting organizations from external attacks and internal threats The CrowdStrike Falcon® platform […] | Threat Guideline | ||
|
2022-02-16 22:22:46 | Defend Against Ransomware and Malware with Falcon Fusion and Falcon Real Time Response (lien direct) | Adversaries are moving beyond malware and becoming more sophisticated in their attacks by using legitimate credentials and built-in tools to evade detection by traditional antivirus products. According to the CrowdStrike 2022 Global Threat Report, 62% of detections indexed by the CrowdStrike Security Cloud in Q4 2021 were malware-free. Adversaries are also likely to significantly increase […] | Ransomware Malware Threat | ||
|
2022-02-15 00:01:44 | 2022 Global Threat Report: A Year of Adaptability and Perseverance (lien direct) | For security teams on the front lines and those of us in the business of stopping cyberattacks and breaches, 2021 provided no rest for the weary. In the face of massive disruption brought about by the COVID-driven social, economic and technological shifts of 2020, adversaries refined their tradecraft to become even more sophisticated and brazen. […] | Threat | ||
|
2022-01-27 10:23:54 | Programs Hacking Programs: How to Extract Memory Information to Spot Linux Malware (lien direct) | Threat actors go to great lengths to hide the intentions of the malware they produce This blog demonstrates reliable methods for extracting information from popular Linux shells Extracted memory information can help categorize unknown software as malicious or benign and could reveal information to help incident responders Some malware is only ever resident in memory, […] | Malware Threat | ||
|
2022-01-27 09:00:26 | New Docker Cryptojacking Attempts Detected Over 2021 End-of-Year Holidays (lien direct) | Cryptocurrency mining has become very popular among malicious actors that aim to profit by exploiting cloud attack surfaces. Exposed Docker APIs have become a common target for cryptominers to mine various cryptocurrencies. According to the Google Threat Horizon report published Nov. 29, 2021, 86% of compromised Google Cloud instances were used to perform cryptocurrency mining. […] | Threat | ||
|
2022-01-07 08:22:43 | Why You Need an Adversary-focused Approach to Stop Cloud Breaches (lien direct) | It should come as little surprise that when enterprise and IT leaders turned their attention to the cloud, so did attackers. Unfortunately, the security capabilities of enterprises have not always kept up with the threat landscape. Poor visibility, management challenges and misconfigurations combine with other security and compliance issues to make protecting cloud environments a […] | Threat Guideline | ||
|
2021-12-22 15:26:35 | How to Speed Investigations with Falcon Forensics (lien direct) | Introduction Threat hunters and incident responders are under tremendous time pressure to investigate breaches and incidents. While they are collecting and sorting massive quantities of forensic data, fast response is critical to help limit any damage inflected by the adversary. This article and video will provide an overview of Falcon Forensics, and how it streamlines […] | Threat | ||
|
2021-12-22 12:28:37 | CrowdStrike Launches Free Targeted Log4j Search Tool (lien direct) | The recently discovered Log4j vulnerability has serious potential to expose organizations across the globe to a new wave of cybersecurity risks as threat actors look to exploit this latest vulnerability to execute their malicious payloads using remote code execution (RCE). An immediate challenge that every organization faces is simply trying to understand exactly where you […] | Tool Vulnerability Threat | ||
|
2021-12-21 20:12:46 | CrowdStrike Services Launches Log4j Quick Reference Guide (QRG) (lien direct) | The Log4j vulnerability burst onto the scene just a few weeks ago, but to many defenders it already feels like a lifetime. It has rapidly become one of the top concerns for security teams in 2021, and seems set to remain so for the foreseeable future. The critical details of this threat evolve almost daily, […] | Vulnerability Threat | ||
|
2021-12-15 09:42:18 | How CrowdStrike Protects Customers from Threats Delivered via Log4Shell (lien direct) | Log4Shell, the latest critical vulnerability, found in the Log4j2 Apache Logging Services library, poses a serious threat to organizations Active attempts to exploit the vulnerability were identified in the wild, currently making it the most severe threat CrowdStrike utilizes indicators of attack (IOAs) and machine learning to protect our customers CrowdStrike continues to track and […] | Vulnerability Threat | ||
|
2021-12-14 07:27:51 | CrowdStrike Falcon Detects 100% of Attacks in New SE Labs EDR Test, Winning Highest Rating (lien direct) | The CrowdStrike Falcon® platform achieves 100% attacks detected in new Advanced Security Test (EDR) from SE Labs This SE Labs test demonstrated that CrowdStrikeâs Zero Trust module, Falcon Identity Threat Protection, is a highly effective component in securing your environment against real-world attacks SE Labs is one of the most prestigious independent third-party testing institutions […] | Threat | ||
|
2021-12-09 09:00:43 | CrowdStrikeâs Strategic Counter-Adversarial Research Team (SCAR): Developing the Technology Falcon OverWatch Threat Hunters Need (lien direct) | As a human-led managed threat hunting service, CrowdStrike Falcon OverWatch™ is built around the best and brightest analysts in the industry who lead the fight against todayâs sophisticated adversaries. But while humans remain the critical ingredient that makes OverWatch so successful, these hunters are also supported by best-in-class technologies that enable them to work at […] | Threat Guideline | ★★ | |
|
2021-12-09 08:59:37 | CrowdStrike Falcon and Humio: Leverage All Your FDR Data in One Place (lien direct) | This blog was originally published Nov. 8, 2021 on humio.com. Humio is a CrowdStrike Company. In 2021, Humio and Crowdstrike joined forces to deliver a truly robust security solution. CrowdStrike delivers the industryâs most comprehensive security solution for protecting endpoints and workloads, processing 1 trillion security-related events per day with its pioneering Threat Graph™ technology. […] | Threat | ★★ | |
|
2021-12-07 09:14:21 | Extend Threat Visibility With Humio\'s Integration With CrowdStrike\'s Indicators of Compromise (IOCs) (lien direct) | This blog was originally published Oct. 1, 2021 on humio.com. Humio is a CrowdStrike Company. What is an indicator of compromise (IOC)? An indicator of compromise (IOC) is a piece of digital forensics that suggests that an endpoint or network may have been breached. The ability to monitor for indicators of compromise is critical to […] | Threat | ★★ |
To see everything:
Our RSS (filtrered)
