What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CrowdStrike.webp 2023-02-23 00:10:37 Mitigate Cyber Risk From Email With the Falcon LogScale and Mimecast Integration (direct link) Email is the top initial attack vector, with phishing campaigns responsible for many damaging cyber attacks, including ransomware. Being able to search Mimecast email security logs in CrowdStrike Falcon® LogScale (formerly known as Humio), alongside other log sources such as endpoint, network and authentication data helps cybersecurity teams detect and respond to cyber attacks. This […] ★★★
CrowdStrike.webp 2023-02-17 07:45:42 3 Ways Visualization Improves Cloud Asset Management and Security (direct link) Public cloud services and cloud assets are agile and dynamic environments. Close oversight of these assets is a critical component of your asset management and security practices. While it's important to understand the relationships and potential vulnerabilities of your cloud assets, the practice of managing these systems is complicated by the ever-changing nature of cloud […] Cloud ★★★
CrowdStrike.webp 2023-02-16 07:45:53 CrowdStrike Ranked #1 in the IDC Worldwide Endpoint Security Market Shares Report for Third Time in a Row (direct link) CrowdStrike maintains endpoint security market leadership with a #1 ranking in IDC's 2021-2022 report, and has been awarded Best Endpoint Detection and Response and Best Product Development by SE Labs. These recognitions validate CrowdStrike as the industry's market and innovation leader in endpoint security. We're honored to share CrowdStrike has been ranked #1 out of […] Guideline ★★★
CrowdStrike.webp 2023-02-15 16:15:46 February 2023 Patch Tuesday: 9 Critical CVEs, and 3 Zero Days Being Actively Exploited in the Wild (direct link) Microsoft has released 75 security patches for its February 2023 Patch Tuesday rollout: 9 vulnerabilities are rated Critical, and the remaining 66 are rated Important. Three actively exploited vulnerabilities were reported by the vendor: an elevation of privilege within Windows Common Log File System Driver (CVE-2023-23376), a security feature bypass in Microsoft Office (CVE-2023-21715), and […] ★★★
CrowdStrike.webp 2023-02-13 15:01:35 DLL Side-Loading: How to Combat Threat Actor Evasion Techniques (direct link) Threat actors constantly evolve their tactics and techniques to circumvent security solutions. Working at the cutting-edge of detection engineering, CrowdStrike rapidly tracks and observes these evolutions in tactics to deliver timely, effective detections that protect customers. In this blog, we explore DLL side-loading and learn how CrowdStrike has expanded protections with Advanced Memory Scanning. Learn […] Threat ★★
CrowdStrike.webp 2023-02-07 19:53:40 Make Compliance a Breeze with Modern Log Management (direct link) From manufacturers in Michigan to fintechs in Finland, every business must comply with industry regulations - which are increasingly constraining. At the same time, businesses must protect and account for a growing number of systems, applications and data in order to remain compliant. In other words, compliance is getting harder. Enter log management. While regulations […] ★★
CrowdStrike.webp 2023-02-01 21:34:45 Using Artificial Intelligence and Machine Learning to Combat Hands-on-Keyboard Cybersecurity Attacks (direct link) Malware gets the headlines, but the bigger threat is hands-on-keyboard adversary activity which can evade traditional security solutions and present detection challenges. Machine learning (ML) can predict and proactively protect against emerging threats by using behavioral event data. CrowdStrike's artificial intelligence (AI)-powered indicators of attack (IOAs) use ML to detect and predict adversarial patterns in […] Malware Threat Prediction ★★★
CrowdStrike.webp 2023-02-01 08:48:42 CrowdStrike Announces Expanded Service Integrations with AWS (direct link) At AWS re:Invent 2022, CrowdStrike announced expanded service integrations with AWS to provide breach protection across your AWS environment, simplified infrastructure management and security consolidation. On January 31, 2023, AWS announced CloudTrail Lake Partner Integrations, with CrowdStrike signing on as a launch partner. With this integration, organizations get the opportunity for a consistent security posture […] ★★★
CrowdStrike.webp 2022-12-15 07:06:59 Unveiling CrowdStrike Falcon Surface: The Industry's Most Complete Adversary-Driven External Attack Surface Management (EASM) Technology (direct link) Resilient cybersecurity posture can only be achieved with a full understanding of your internal and external attack surface. CrowdStrike Falcon® Surface builds on our award-winning adversary intelligence with cutting-edge external attack surface management (EASM) capabilities for a complete picture of known and unknown externally exposed assets, all delivered via the unified CrowdStrike Falcon® platform. As […] ★★
CrowdStrike.webp 2022-12-14 19:37:51 December 2022 Patch Tuesday: 10 Critical CVEs, One Zero-Day, One Under Active Attack (direct link) Microsoft has released 49 security patches for its December 2022 Patch Tuesday rollout. Of these, 10 vulnerabilities are rated Critical, two are rated Medium and the rest are rated Important. DirectX Graphics Kernel Elevation of Privilege Vulnerability (CVE-2022-44710) is listed as publicly known while Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2022-44698) is listed as actively […] Vulnerability ★★
CrowdStrike.webp 2022-12-14 17:43:30 Why Managed Threat Hunting Should Top Every CISO's Holiday Wish List (direct link) With the end of the year fast approaching, many of us are looking forward to a well-deserved break. However, security practitioners and security leaders worldwide are bracing themselves for what has become a peak period for novel and disruptive threats. In 2020, the holiday season was marked by the SUNBURST incident, and in 2021 the […] Threat Guideline SolarWinds ★★
CrowdStrike.webp 2022-12-14 13:58:34 Attackers Set Sights on Active Directory: Understanding Your Identity Exposure (direct link) Eighty percent of modern attacks are identity-driven. Why would an attacker hack into a system when they can simply use stolen credentials to masquerade as an approved user and log in to the target organization? Once inside, attackers increasingly target Microsoft Active Directory because it holds the proverbial keys to the kingdom, providing broad access […] Hack ★★
CrowdStrike.webp 2022-12-13 22:29:24 CrowdStrike Services Helps Organizations Prioritize Patching Vulnerabilities with CrowdStrike Falcon Spotlight (direct link) When the CrowdStrike Services team conducts a proactive security engagement, such as a Cybersecurity Maturity Assessment or Tabletop Exercise, it often uses CrowdStrike Falcon® Spotlight to identify what vulnerabilities exist in the environment. Unfortunately, this can be a disheartening experience, as many organizations we see have millions, even tens of millions, of unpatched vulnerabilities. It's […] Patching ★★
CrowdStrike.webp 2022-12-13 07:16:18 Our Customers Have Spoken: CrowdStrike Delivers the Best in EDR, EPP and XDR (direct link) Time and again, analyst reports, independent tests and numerous other awards and acknowledgements affirm CrowdStrike is a leader in cybersecurity. Why is this important? Because when CrowdStrike is #1, it's our customers who win. But to us, the best validation of the power of the CrowdStrike Falcon® platform comes from our customers themselves. We are […] Guideline ★★
CrowdStrike.webp 2022-12-09 19:52:16 Importing Docker Logs with CrowdStrike Falcon LogScale Collector (direct link) Docker is the primary tool used for containerizing workloads. If your company wants to build containers with quality, then you'll need access to your Docker container logs for debugging, validation and optimization. While engineering teams can view container logs through straightforward CLI tools (think docker logs), these tools don't provide a mechanism for storing or […] Tool ★★
CrowdStrike.webp 2022-12-09 15:15:51 5 Partner Predictions for 2023 from CrowdStrike's Channel Chief (direct link) As vice president of global alliances for CrowdStrike, I have the pleasure of meeting daily and weekly with our partners around the globe to ensure that CrowdStrike is addressing their needs and the needs of their customers with our products and services. As a benefit of talking with our partner ecosystem, I have gained a […] ★★
CrowdStrike.webp 2022-12-09 00:21:38 Integration Exploration: Getting Started with Falcon LogScale and Bucket Storage on AWS S3 (direct link) If you run CrowdStrike Falcon® LogScale, previously known as Humio, locally or on-premises, one of your first steps is to configure local storage so that LogScale has a persistent data store where it can send logs. If you're running LogScale as a cluster setup, then you'll have some data replication as a function of how […] ★★
CrowdStrike.webp 2022-12-07 22:27:34 Inside the MITRE ATT&CK Evaluation: How CrowdStrike's Elite Managed Services Operate in the Real World (direct link) Following CrowdStrike's strong performance in the first-ever MITRE ATT&CK® Evaluations for Security Managed Services Providers with 99% detection coverage, we take a deep dive into the testing process and how our elite managed services operate in the real world. We recently announced CrowdStrike achieved 99% detection coverage in the inaugural MITRE ATT&CK Evaluations for Security […] ★★★
CrowdStrike.webp 2022-10-25 07:31:05 CrowdStrike Falcon Platform Achieves 100% Ransomware Prevention with Zero False Positives, Wins AAA Enterprise Advanced Security Award from SE Labs (direct link) The CrowdStrike Falcon® platform achieved 100% protection accuracy and 100% legitimacy accuracy with zero false positives, winning SE Labs' first-ever endpoint detection and response (EDR) ransomware detection and protection test. The Falcon platform detected and blocked 100% of ransomware files during testing, which involved both direct attacks with 270 ransomware variations and deep attack tactics, […] Ransomware
CrowdStrike.webp 2022-10-21 20:30:49 CrowdStrike Advances to Research Partner with MITRE Engenuity Center for Threat-Informed Defense to Help Lead the Future of Cyber Defense (direct link) CrowdStrike is deepening its commitment to advancing the security ecosystem leading the future of protection by becoming a top-tier partner in the MITRE Center for Threat-Informed Defense research program. CrowdStrike's adversary-centric approach and technology leadership can help change the game on adversaries, turning state-of-the-art threat defense into a state of practice. CrowdStrike is now a […] Threat Guideline
CrowdStrike.webp 2022-10-21 11:21:13 Playing Hide-and-Seek with Ransomware, Part 2 (direct link) In Part 1, we explained what Intel SGX enclaves are and how they benefit ransomware authors. In Part 2, we explore a hypothetical step-by-step implementation and outline the limitations of this method. Watch this live attack demo to see how the CrowdStrike Falcon® platform and the CrowdStrike Falcon Complete™ managed detection and response team protect […] Ransomware
CrowdStrike.webp 2022-10-20 08:33:08 CrowdStrike and Google Chrome: Building an Integrated Ecosystem to Secure Your Enterprise Using the Power of Log Management (direct link) Organizations today face an onslaught of attacks across devices, identity and cloud workloads. The more security telemetry an organization has to work with, the better threat hunters can contextualize events to find and remediate potential threats. Google recently announced Chrome Enterprise Connectors Framework, a collection of plug-and-play integrations with industry-leading security solution providers. The framework […] Threat Guideline
CrowdStrike.webp 2022-10-19 20:22:29 CrowdStrike's Cloud Security and Observability Capabilities to Be Showcased at KubeCon + CloudNativeCon North America 2022 (direct link) KubeCon + CloudNativeCon North America 2022 is happening next week, and we're excited to showcase our industry leading cloud-native application protection platform (CNAPP) capabilities and observability technology. The conference, Oct. 24-28 in Detroit, will gather adopters, technologists and developers from leading open-source and cloud-native communities around the globe. CrowdStrike CNAPP Capabilities on Display The CrowdStrike […] Guideline
CrowdStrike.webp 2022-10-18 19:49:21 Why Your Small Business Needs to Rethink Its Cybersecurity Strategy (direct link) Cybercrime is a big problem for small businesses, and the risk of advanced threats continues to grow. This Cybersecurity Awareness Month, learn how to protect your SMB or nonprofit from attacks that threaten the business. The cybersecurity threat to small- and medium-sized businesses (SMBs) continues to grow as cybercriminals recognize how vulnerable they can be, […] Threat
CrowdStrike.webp 2022-10-18 17:02:37 Do You Know Who's in Your Cloud? Preventing Identity-Based Threats with CIEM (direct link) As organizations continue to shift to multi-cloud environments and increasingly use cloud services for application development, new challenges emerge that require dramatic changes in the delivery and practice of cybersecurity. Notably, Gartner predicts that inadequate management of identities, access and privileges will cause 75% of cloud security failures by 2023. Though public cloud service providers […]
CrowdStrike.webp 2022-10-14 13:31:07 The Anatomy of Wiper Malware, Part 4: Less Common “Helper” Techniques (direct link) This is the fourth blog post in a four-part series. Read Part 1 | Part 2 | Part 3. In Part 3, CrowdStrike’s Endpoint Protection Content Research Team covered the finer points of Input/Output Control (IOCTL) usage by various wipers. The fourth and final part of the wiper series covers some of the rarely used […]
CrowdStrike.webp 2022-10-13 20:48:10 October 2022 Patch Tuesday: 13 Critical CVEs, One Actively Exploited Bug, ProxyNotShell Still Unpatched (direct link) Microsoft has released 84 security patches for its October 2022 Patch Tuesday rollout. Of these, 13 vulnerabilities are rated Critical, while the remaining 71 are rated Important. It should be noted that this month's patching update does not include patches for ProxyNotShell, despite the active exploitation of two related vulnerabilities; CrowdStrike offers recommendations on mitigation […] Patching
CrowdStrike.webp 2022-10-13 13:14:34 CrowdStrike Partners with MITRE CTID to Identify Adversaries Using Cloud Analytics (direct link) Fourteen key cloud analytics for Azure and GCP cloud environments were identified and mapped as indicative of adversary behavior and serve as a blueprint for understanding and writing new cloud analytics. The CrowdStrike Falcon® platform delivers a powerful combination of agentless capabilities to protect against misconfigurations and control plane attacks, along with agent-based runtime security […]
CrowdStrike.webp 2022-09-14 08:00:00 Coming Soon to Las Vegas: Fal.Con 2022 Event Highlights and Special Guests (direct link) The countdown continues! As Fal.Con 2022 quickly approaches, we're excited to share more information about the security industry visionaries and notable talks on the agenda for the sixth annual CrowdStrike conference for customers and cybersecurity professionals. IT and security practitioners must stay a step ahead of adversaries who are constantly evolving their tactics, techniques and […]
CrowdStrike.webp 2022-09-13 20:56:40 2022 Threat Hunting Report: Falcon OverWatch Looks Back to Prepare Defenders for Tomorrow's Adversaries (direct link) Another turbulent year for cybersecurity finds itself right at home alongside global economic headwinds and geopolitical tensions. This year has been defined by rampant affiliate activity, a seemingly endless stream of new vulnerabilities and exploits, and the widespread abuse of valid credentials. These circumstances have conspired to drive a 50% increase in interactive intrusion activity […] Threat
CrowdStrike.webp 2022-09-06 18:52:46 Consolidated Identity Protection in a Unified Security Platform Is a Must-Have for the Modern SOC (direct link) As cyberattacks continue to grow relentlessly, enterprises have to continue improving their cyber defenses to stay one step ahead of the adversaries. One area that CISOs have recently started paying more attention is identity threat protection. This is not surprising considering 80% of modern attacks are identity-driven leveraging stolen credentials. In fact, identity threat detection […] Threat ★★
CrowdStrike.webp 2022-09-01 14:39:53 Register Now to Join Us in Las Vegas for Fal.Con 2022 (direct link) The countdown has begun! In less than a month, we'll gather in Las Vegas for Fal.Con 2022, the sixth annual CrowdStrike cybersecurity conference. We're excited to bring you an event packed with product announcements, keynotes from industry visionaries, deep-dive talks, hands-on workshops and training sessions, special guests and more. The past few years have been […] ★★★
CrowdStrike.webp 2022-09-01 13:20:32 CrowdStrike Introduces Sandbox Scryer: A Free Threat-Hunting Tool for Generating MITRE ATT&CK and Navigator Data (direct link) Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output. The tool leverages the MITRE ATT&CK Framework to organize and prioritize findings, assisting in assembling indicators of compromise (IOCs), understanding attack movement and hunting threats. By allowing researchers to send thousands of samples to a sandbox for […] Tool Threat ★★
CrowdStrike.webp 2022-08-31 12:20:15 Defense Against the Lateral Arts: Detecting and Preventing Impacket's Wmiexec (direct link) Impacket, an open source collection of Python modules for manipulating network protocols, contains several tools for remote service execution, Windows credential dumping, packet sniffing and Kerberos manipulation. CrowdStrike Services has seen an increased use of Impacket's wmiexec module, primarily by ransomware and eCrime groups. Wmiexec leaves behind valuable forensic artifacts that will help defenders detect […] Ransomware
CrowdStrike.webp 2022-08-25 12:37:33 Getting Started Guide: Falcon Long Term Repository (direct link) Limited data retention resulting from financial or technological constraints makes it hard for security teams to see the complete history of an attack. This lack of full context about a threat - or a potential threat - eventually catches up with organizations, leading to longer dwell times and increased risk of a breach. CrowdStrike Falcon […] Threat Guideline
CrowdStrike.webp 2022-08-24 13:14:26 The Anatomy of Wiper Malware, Part 2: Third-Party Drivers (direct link) In Part 1 of this four-part blog series examining wiper malware, we introduced the topic of wipers, reviewed their recent history and presented common adversary techniques that leverage wipers to destroy system data. In Part 2, CrowdStrike’s Endpoint Protection Content Research Team discusses how threat actors have used legitimate third-party drivers to bypass the visibility […] Threat
CrowdStrike.webp 2022-08-23 12:45:06 GitOps and Shift Left Security: The Changing Landscape of DevSecOps (direct link) Application developers have always had a tricky balance to maintain between speed and security, two requirements that may often feel at odds with each other. Practices that increase speed also pressure development teams to ensure that vulnerable code is identified and remediated without slowing development. As companies embrace digital transformation initiatives, the need to weave […]
CrowdStrike.webp 2022-08-23 08:23:20 (Déjà vu) Adversary Quest 2022 Walkthrough, Part 3: Four PROTECTIVE PENGUIN Challenges (direct link) In July 2022, the CrowdStrike Intelligence Advanced Research Team hosted the second edition of our Adversary Quest. As in the previous year, this “capture the flag” event featured 12 information security challenges in three different tracks: eCrime, Hacktivism and Targeted Intrusion. In each track, four consecutive challenges awaited the players, requiring different skills, including reverse […]
CrowdStrike.webp 2022-08-16 13:14:46 Why XDR Should Be on Your Roadmap for SOC Success (direct link) Fighting modern adversaries requires having a modern security operations center (SOC), especially as organizations move to the cloud. To protect their estates against tomorrow's threats, security professionals have often turned to more data sources and adding more security monitoring tools in their operations, both in the pursuit of maximizing their attack surface visibility and reducing […]
CrowdStrike.webp 2022-08-16 05:00:57 CrowdStrike Wins Technology Innovation Leadership Award, Continues Dominance in Endpoint Security Market (direct link) CrowdStrike is proud to receive Frost & Sullivan's 2022 Global Technology Innovation Leadership Award in the endpoint security sector. This recognition reflects CrowdStrike's continued investment to drive innovation and deliver more value to its customers through its industry-leading Falcon platform. The global shift to remote work has driven a tremendous increase in internet traffic, the […] Guideline
CrowdStrike.webp 2022-08-12 12:26:37 The Anatomy of Wiper Malware, Part 1: Common Techniques (direct link) This blog post is the first in a four-part series in which CrowdStrike's Endpoint Protection Content Research Team will dive into various wipers discovered by the security community over the past 10 years. Our goal is to review in depth the various techniques employed by wipers that target the Windows operating system. Background A wiper […]
CrowdStrike.webp 2022-08-11 21:44:30 (Déjà vu) August 2022 Patch Tuesday: 17 Critical CVEs and Two Zero-Days, One Under Active Exploitation (direct link) Microsoft has released 121 security patches for its August 2022 Patch Tuesday rollout. Seventeen vulnerabilities are rated Critical in severity and the rest are classified as Important, with one (CVE-2022-34713) under active exploitation. In this blog, the CrowdStrike Falcon Spotlight™ team analyzes this month's vulnerabilities, highlights the most severe CVEs and recommends how to prioritize […] ★★
CrowdStrike.webp 2022-08-10 16:28:23 CrowdStrike and Industry Partners Release Open Cybersecurity Schema Framework (direct link) CrowdStrike is excited to announce the release of the Open Cybersecurity Schema Framework (OCSF) project, a collaborative open-source effort among cybersecurity and technology leaders to break down silos that impede cybersecurity teams' abilities to quickly and effectively detect, investigate and stop breaches. Detecting and stopping advanced cyberattacks demands coordination across multiple security tools and domains. […] Guideline ★★★★
CrowdStrike.webp 2022-08-10 07:13:44 Introducing AI-Powered Indicators of Attack: Predict and Stop Threats Faster Than Ever (direct link) AI-powered indicators of attack (IOAs) are the latest evolution of CrowdStrike's industry-first IOAs, expanding protection with the combined power of cloud-native machine learning and human expertise. AI-powered IOAs use the speed, scale and accuracy of the cloud to rapidly detect emerging classes of threats and predict adversarial patterns, regardless of tools or malware used. AI-powered […] Malware ★★★
CrowdStrike.webp 2022-08-09 12:31:20 Adversary Quest 2022 Walkthrough, Part 2: Four TABLOID JACKAL Challenges (direct link) In July 2022, the CrowdStrike Intelligence Advanced Research Team hosted the second edition of our Adversary Quest. As in the previous year, this “capture the flag” event featured 12 information security challenges in three different tracks: eCrime, Hacktivism and Targeted Intrusion. In each track, four consecutive challenges awaited the players, requiring different skills, including reverse […] ★★★
CrowdStrike.webp 2022-08-01 15:21:18 Securing Our Nation: How the Infrastructure Investment and Jobs Act Delivers on Cyber Resiliency (direct link) Attacks and intrusions on our nation's vital infrastructure - our electrical grid, water systems, ports and oil supply - are on the rise. For example, as reported by the Pew Charitable Trust in March 2021, hackers changed the chemical mixture of the water supply in Oldsmar, Fla., increasing by 100 times the level of sodium […]
CrowdStrike.webp 2022-07-27 15:34:02 A Deep Dive into Custom Spark Transformers for Machine Learning Pipelines (direct link) Modern Spark Pipelines are a powerful way to create machine learning pipelines. Spark Pipelines use off-the-shelf data transformers to reduce boilerplate code and improve readability for specific use cases. This blog outlines how to construct custom Spark Transformers to integrate with Spark Pipelines. Learn how to identify the components of each Transformer class member function […]
CrowdStrike.webp 2022-07-26 16:45:34 CrowdStrike and AWS Expand Partnership to Offer Customers DevOps-Ready Security (direct link) Cloud-based services are augmenting business operations and being adopted at a record pace. In fact, Gartner® estimates “more than 85% of organizations will embrace a cloud-first principle by 2025 and will not be able to fully execute on their digital strategies without the use of cloud-native architectures and technologies.” As cloud adoption continues unabated, adversaries […]
CrowdStrike.webp 2022-07-26 12:04:48 Address the Cybersecurity Skills Shortage by Building Your Security Stack with the CrowdStrike Store (direct link) The increase in attack sophistication coupled with the decline of skilled security staff continues to put pressure on organizations and their teams by minimizing their ability to effectively see and control risks within the enterprise. This is only made more difficult as teams find themselves patching together disparate solutions, resulting in labyrinthian security stacks and […] Patching
CrowdStrike.webp 2022-07-19 17:39:02 Think It, Build It, Secure It - CrowdStrike at AWS re:Inforce 2022 (direct link) For two days in July, Boston will be the epicenter of innovation in the world of cloud security - and we're excited to see you there in person! As a proud sponsor of AWS re:Inforce 2022 (July 26-27), CrowdStrike is coming to town to meet with customers, partners and prospects to show how we're protecting […]
Last update at: 2024-05-18 04:07:47