What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-04-22 12:37:02 | UX Writer Michelle Handelman on Giving Customers the Information They Need to Succeed (lien direct) | When you get an error message on a website or app, do you wonder where it comes from? In most cases, a person writes every bit of copy in apps, websites, notifications, alerts and more. At CrowdStrike, that person may be UX Writer Michelle Handelman. Here we sit down with Michelle to discuss her role, […] | |||
|
2022-04-22 08:30:52 | Navigating the Five Stages of Grief During a Breach (lien direct) | Every security professional dreads âThe Phone Call.â The one at 2 a.m. where the tired voice of a security analyst on the other end of the line shares information that is soon drowned out by your heart thumping in your ears. Your mind races. There are so many things to do, so many people to […] | |||
|
2022-04-21 08:23:55 | LemonDuck Targets Docker for Cryptomining Operations (lien direct) | LemonDuck, a well-known cryptomining botnet, is targeting Docker to mine cryptocurrency on Linux systems. This campaign is currently active. It runs an anonymous mining operation by the use of proxy pools, which hide the wallet addresses. It evades detection by targeting Alibaba Cloudâs monitoring service and disabling it. CrowdStrike customers are protected from this threat […] | Threat | ||
|
2022-04-20 12:42:51 | CrowdStrike Falcon Spotlight Fuses Endpoint Data with CISA\'s Known Exploited Vulnerabilities Catalog (lien direct) | In this blog you will: Learn how to leverage the CrowdStrike Falcon Spotlight™ integrated threat and vulnerability management module to fuse your endpoint telemetry with CISA’s Known Exploited Vulnerabilities Catalog Learn how to use the CrowdStrike Falcon® console to further investigate and take action The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency […] | Vulnerability Threat | ||
|
2022-04-19 12:33:33 | Security Doesnât Stop at the First Alert: Falcon X Threat Intelligence Offers New Context in MITRE ATT&CK Evaluation (lien direct) | The CrowdStrike Falcon® platform delivers 100% prevention across all nine steps in the MITRE Engenuity ATT&CK® Enterprise Evaluation CrowdStrike extends endpoint and workload protection by fully integrating threat intelligence into the Falcon platform â CrowdStrike Falcon X™ enables CrowdStrike users to pivot seamlessly from detections to the latest intelligence on todayâs adversaries, including their motivation […] | Threat | ||
|
2022-04-15 13:32:04 | Engineer Rotem Bar On on Solving Big Challenges with Autonomy in Cybersecurity (lien direct) | Our latest installment of 5 Questions takes us to Tel Aviv, where we sit down with Rotem Bar On to discuss his role on the cloud infrastructure team, what he loves about his job and how he is helping CrowdStrike build a scalable, future-proof system. Q. What is your role and what drew you to […] | |||
|
2022-04-13 12:36:07 | XDR: A New Vision for InfoSecâs Ongoing Problems (lien direct) | Let’s face it. The information security industry loves a new acronym. For industry long-timers, a new acronym might be just the latest reason for an eye roll. For folks new to the field, it can be very confusing. A constructive way to look at XDR â extended detection and response â is as an opportunity […] | |||
|
2022-04-08 16:06:10 | How Human Intelligence Is Supercharging CrowdStrike\'s Artificial Intelligence (lien direct) | The CrowdStrike Security Cloud processes over a trillion events from endpoint sensors per day, but human professionals play a vital role in providing structure and ground truth for artificial intelligence (AI) to be effective. Without human professionals, AI is useless. There is a new trope in the security industry, and it goes something like this: […] | |||
|
2022-04-08 13:21:44 | CrowdStrikeâs First Employee and Pride ERG Executive Sponsor Hyacinth Diehl on International Transgender Day of Visibility (lien direct) | When Hyacinth Diehl (pronouns: he/they/she – mix it up!) joined CrowdStrike as the first employee in 2011, identity was top of mind. For one thing, they selected the title Tool-Using Mammal after learning from past experience that having a title like Chief Architect or Senior Engineer could be limiting. âPeople will put you in a […] | |||
|
2022-04-07 20:16:40 | How to Create Custom Cloud Security Posture Policies (lien direct) | Introduction Falcon Horizon, CrowdStrikeâs Cloud Security Posture Management solution, uses configuration and behavioral policies to monitor public cloud deployments, proactively identify issues and resolve potential security problems. However, customers are not limited to predefined policies. This article will review the different options for creating custom cloud security posture management policies in Falcon Horizon. Video ï"¿ […] | |||
|
2022-04-07 09:12:13 | Falcon Platform Identity Protection Shuts Down MITRE ATT&CK Adversaries (lien direct) | âWe were asked to disable identity protection capabilities to let the testing proceed â and still achieved 100% prevention.â The weeks following the release of the MITRE Engenuity ATT&CK Evaluation can be confusing when trying to interpret the results and cut through the noise. But one thing is crystal clear in this yearâs evaluation that […] | |||
|
2022-04-06 08:47:07 | CrowdStrike âDominatesâ in Endpoint Detection and Response (lien direct) | âCrowdStrike dominates in EDR while building its future in XDR and Zero Trust.â â The Forrester Wave™: Endpoint Detection and Response Providers, Q2 2022 We are excited that Forrester has named CrowdStrike a âLeaderâ in The Forrester Wave™: Endpoint Detection and Response (EDR) Providers, Q2 2022 and recognized us as dominating in EDR while building […] | Guideline | ||
|
2022-04-04 21:12:29 | Runtime Protection: The Secret Weapon for Stopping Breaches in the Cloud (lien direct) | Mistakes are easy to make, but in the world of cloud computing, they arenât always easy to find and remediate without help. Cloud misconfigurations are frequently cited as the most common causes of breaches in the cloud. According to a 2021 survey from VMware and the Cloud Security Alliance, one in six surveyed companies experienced […] | |||
|
2022-04-01 13:00:29 | BERT Embeddings: A Modern Machine-learning Approach for Detecting Malware from Command Lines (Part 2 of 2) (lien direct) | A novel methodology, BERT embedding, enables large-scale machine learning model training for detecting malware It reduces dependency on human threat analyst involvement in training machine learning models Bidirectional Encoder Representation from Transformers (BERT) embeddings enable performant results in model training CrowdStrike researchers constantly explore novel approaches to improve the automated detection and protection capabilities of […] | Malware Threat | ||
|
2022-03-31 15:41:48 | CrowdStrike Achieves 100% Prevention in Recent MITRE Engenuity ATT&CK Evaluation Emulating Russia-based Threat Groups (lien direct) | âWe were asked to disable identity protection capabilities to let the testing proceed â and still achieved 100% prevention.â The CrowdStrike Falcon® platform delivers 100% prevention across all nine steps in the MITRE Engenuity ATT&CK® Enterprise Evaluation The Falcon platform delivers comprehensive visibility and actionable alerts, scoring visibility on 96% of substeps in the ATT&CK […] | Threat | ||
|
2022-03-31 08:54:15 | Celebrating Transgender Day of Visibility as an Out and Proud Trans Man. (lien direct) | Transgender Day of Visibility is a day dedicated to recognizing the resilience and accomplishments of the transgender community. This day means showing up and being visible, especially for those who cannot. I am an out and proud Trans man, and I am visible because I know many cannot for fear of their physical security, work […] | |||
|
2022-03-31 08:43:09 | Cloudy with a Chance of Unclear Mailbox Sync: CrowdStrike Services Identifies Logging Inconsistencies in Microsoft 365 (lien direct) | Multiple investigations and testing by the CrowdStrike Services team identified inconsistencies in Azure AD sign-in logs that incorrectly showed successful logins via Internet Mail Access Protocol (IMAP) despite it being blocked. Investigators rely on these logs to determine threat actor activity in investigations that often involve legal and regulatory consequences for organizations. This blog includes […] | Threat | ||
|
2022-03-30 08:00:45 | Who is EMBER BEAR? (lien direct) | 4/4/22 Editorâs note: The hearing described below has been rescheduled for 10 a.m. EST on Tuesday, April 5. On Wednesday, March 30, 2022, Adam Meyers, CrowdStrike Senior Vice President of Intelligence, will testify in front of CHS (House Committee on Homeland Security) on Russian cyber threats to critical infrastructure. Within his testimony, Adam will speak […] | |||
|
2022-03-29 13:41:43 | Maintaining Security Consistency from Endpoint to Workload and Everywhere in Between (lien direct) | In todayâs fast-paced world, mobility, connectivity and data access are essential. As organizations grow and add more workloads, containers, distributed endpoints and different security solutions to protect them, security can quickly become complex. Modern attacks and adversary tradecraft target vulnerable areas to achieve their objectives. Threats can originate at the endpoint to attack the cloud, […] | |||
|
2022-03-28 08:25:31 | CrowdStrike Named a Leader in The Forrester Wave™: Cybersecurity Incident Response Services, Q1 2022 (lien direct) | CrowdStrike has been recognized as a Leader in the Forrester Wave™ for Cybersecurity Incident Response Services. When it comes to incident response (IR), time is of the essence. The longer it takes to detect threat activity, investigate an incident and remediate systems across highly distributed environments, the deeper into the threat lifecycle the adversary gets. […] | Threat Guideline | ||
|
2022-03-23 09:10:03 | Falcon OverWatch Threat Hunting Contributes to Seamless Protection Against Novel BlackCat Attack (lien direct) | In an effort to stay ahead of improvements in automated detections and preventions, adversary groups continually look to new tactics, techniques and procedures (TTPs), and new tooling to progress their mission objectives. One group â known as BlackCat/ALPHV â has taken the sophisticated approach of developing their tooling from the ground up, using newer, more […] | Threat | ||
|
2022-03-23 09:05:00 | CrowdStrike Named a Strong Performer in 2022 Forrester Wave for Cloud Workload Security (lien direct) | âIn its current CWS offering, the vendor has great CSPM capabilities for Azure, including detecting overprivileged admins and enforcing storage least privilege and encryption, virtual machine, and network policy controls.â â The Forrester Wave™:Â Cloud Workload Security, Q1 2022Â Â CrowdStrike is excited to announce we have been named a âStrong Performerâ in The Forrester Wave:™ […] | |||
|
2022-03-21 08:39:23 | Your Current Endpoint Security May Be Leaving You with Blind Spots (lien direct) | Threat actors are continuously honing their skills to find new ways to penetrate networks, disrupt business-critical systems and steal confidential data. In the early days of the internet, adversaries used file-based malware to carry out attacks, and it was relatively easy to stop them with signature-based defenses. Modern threat actors have a much wider variety […] | Malware Threat | ||
|
2022-03-17 05:15:09 | CrowdStrike and Cloudflare Expand Zero Trust from Devices and Identities to Applications (lien direct) | Threat actors continue to exploit users, devices and applications, especially as more of them exist outside of the traditional corporate perimeter. With employees consistently working remotely, adversaries are taking advantage of distributed workforces and the poor visibility and control that legacy security tools provide. Traditional tools that connect employees to corporate applications like VPNs and […] | Threat | ★★★★ | |
|
2022-03-15 13:30:18 | Meet the Channel Chief: Michael Rogers Shares How CrowdStrike Is Driving Growth for Partners (lien direct) | CrowdStrike last week announced Michael Rogers was promoted to vice president of global business development, channel and alliances. His appointment comes after years of driving growth in CrowdStrikeâs channel program and a career built working with partners across the security industry. Rogers takes on this role after a tremendous year for CrowdStrikeâs partner ecosystem: For […] | |||
|
2022-03-15 12:19:11 | (Déjà vu) cr8escape: New Vulnerability in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) (lien direct) | CrowdStrike cloud security researchers discovered a new vulnerability (dubbed âcr8escapeâ and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerability to Kubernetes, which worked with CRI-O to issue a patch that was released today. It is recommended that CRI-O users patch immediately. CrowdStrike customers are protected from this threat by the […] | Vulnerability Threat | Uber | |
|
2022-03-15 12:19:11 | cr8escape: Zero-day in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) (lien direct) | CrowdStrike cloud security researchers discovered a zero-day vulnerability (dubbed âcr8escapeâ and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerability to Kubernetes, which worked with CRI-O to issue a patch that was released today. It is recommended that CRI-O users patch immediately. CrowdStrike customers are protected from this threat by the […] | Vulnerability Threat | Uber | |
|
2022-03-14 20:40:03 | Falcon OverWatch Threat Hunting Uncovers Ongoing NIGHT SPIDER Zloader Campaign (lien direct) | Over recent months, the CrowdStrike Falcon OverWatch™ team has tracked an ongoing, widespread intrusion campaign leveraging bundled .msi installers to trick victims into downloading malicious payloads alongside legitimate software. These payloads and scripts were used to perform reconnaissance and ultimately download and execute NIGHT SPIDER’s Zloader trojan, as detailed in CrowdStrike Falcon X™ Premium reporting. […] | Threat | ||
|
2022-03-11 17:26:58 | Empower Your SOC with New Applications in the CrowdStrike Store (lien direct) | With chaos seemingly surrounding us in security, it can be hard to cut through the noise. How do you detect and prioritize evolving threats and what tools should you use to address them? With new attacks and vulnerabilities on the rise, combined with ineffective security tools and the industryâs ongoing skill shortage, security operations center […] | |||
|
2022-03-10 20:58:14 | Buying IAM and Identity Security from the Same Vendor? Think Again. (lien direct) | With the growing risk of identity-driven breaches, as seen in recent ransomware and supply chain attacks, businesses are starting to appreciate the need for identity security. As they assess how best to strengthen identity protection, there is often an urge to settle for security features or modules included in enterprise bundles from the same vendor […] | Ransomware | ||
|
2022-03-09 20:25:53 | March 2022 Patch Tuesday: Critical Microsoft Exchange Bug and Three Zero-day Vulnerabilities (lien direct) | Microsoft has released 71 security patches for its March Patch Tuesday rollout. Of the 71 CVEs addressed, three are ranked as Important zero-days. This month the quantity of patches for Critical vulnerabilities remains low; however, the total number of updates is nearly double what was offered in February 2022. As vulnerabilities and patches continue to […] | |||
|
2022-03-09 19:37:29 | Five Steps to Kick-start Your Move to XDR (lien direct) | Alert overload is practically a given for security teams today. Analysts are inundated with new detections and events to triage, all spread across a growing set of disparate, disconnected security tools. In fact, theyâve burgeoned to such an extent that the average enterprise now has 45 cybersecurity-related tools deployed across its environment. As attacks grow […] | |||
|
2022-03-09 13:28:53 | CrowdStrike and Cloud Security Alliance Collaborate to Enable Pervasive Zero Trust (lien direct) | The security problems that plague organizations today actually havenât changed much in 30 years. Weak and shared passwords, misconfigurations and vulnerabilities are problems that have tormented the industry for years and persist to this day. Whatâs changed is the speed and sophistication at which todayâs adversary can weaponize these weaknesses. Thereâs a misperception that stopping […] | |||
|
2022-03-07 17:30:49 | PROPHET SPIDER Exploits Citrix ShareFile Remote Code Execution Vulnerability CVE-2021-22941 to Deliver Webshell (lien direct) | At the start of 2022, CrowdStrike Intelligence and CrowdStrike Services investigated an incident in which PROPHET SPIDER exploited CVE-2021-22941 â a remote code execution (RCE) vulnerability impacting Citrix ShareFile Storage Zones Controller â to compromise a Microsoft Internet Information Services (IIS) web server. The adversary exploited the vulnerability to deploy a webshell that enabled the […] | Vulnerability | ||
|
2022-03-07 09:55:04 | The Easy Solution for Stopping Modern Attacks (lien direct) | Modern cyberattacks are multifaceted, leveraging different tools and techniques and targeting multiple entry points. As noted in the CrowdStrike 2022 Global Threat Report, 62% of modern attacks do not use traditional malware and 80% of attacks use identity-based techniques, meaning that attacks target not only endpoints, but also cloud and identity layers with techniques that […] | Malware Threat | ||
|
2022-03-03 16:06:41 | CrowdStrike Falcon Enhances Fileless Attack Detection with Accelerated Memory Scanning Feature (lien direct) | CrowdStrike introduces memory scanning into the CrowdStrike Falcon® sensor for Windows to enhance existing visibility and detection of fileless threats The Falcon sensor integrates Intel threat detection technology to perform accelerated memory scanning for malicious byte patterns Memory scanning is optimized for performance on Intel CPUs, including high-performance operation, by offloading the operation to an […] | Threat | ||
|
2022-03-02 19:55:14 | How a Strong Identity Protection Strategy Can Accelerate Your Cyber Insurance Initiatives (lien direct) | The growth in frequency and severity of cyberattacks has caused organizations to rethink their security strategies. Major recent security threats, such as high-profile ransomware attacks and the Log4Shell vulnerabilities disclosed in 2021, have led to a greater focus on identity protection as adversaries rely on valid credentials to move laterally across target networks. Cyber insurers […] | Ransomware | ||
|
2022-03-02 12:40:17 | Reinventing Managed Detection and Response (MDR) with Identity Threat Protection (lien direct) | The modern threat landscape continues to evolve with an increase in attacks leveraging compromised credentials. An attacker with compromised credentials too frequently has free reign to move about an organization and carefully plan their attack before they strike. This week Falcon Complete™, CrowdStrikeâs leading managed detection and response (MDR) service, announced a new managed service […] | Threat Guideline | ★★★★ | |
|
2022-03-01 20:57:13 | Decryptable PartyTicket Ransomware Reportedly Targeting Ukrainian Entities (lien direct) | Summary On Feb. 23, 2022, destructive attacks were conducted against Ukrainian entities. Industry reporting has claimed the Go-based ransomware dubbed PartyTicket (or HermeticRansom) was identified at several organizations affected by the attack,1 among other families including a sophisticated wiper CrowdStrike Intelligence tracks as DriveSlayer (HermeticWiper). Analysis of the PartyTicket ransomware indicates it superficially encrypts files […] | Ransomware | ||
|
2022-02-25 21:45:10 | CrowdStrike Falcon Protects from New Wiper Malware Used in Ukraine Cyberattacks (lien direct) | On Feb. 23, 2022, a new wiper malware was reported targeting Ukraine systems The wiper destroys files on infected Windows devices by corrupting specific elements of connected hard drives CrowdStrike Intelligence refers to this destructive malware as DriveSlayer DriveSlayer is the second recent destructive malware targeting Ukraine, following WhisperGate The CrowdStrike Falcon® platform provides continuous […] | Malware | ||
|
2022-02-25 14:52:29 | Data Protection 2022: New U.S. State Laws Reflect Convergence of Privacy and Security Requirements (lien direct) | Many countries around the world recognized Data Protection Day in January â a day that highlights the importance of protecting individual privacy and data against misuse. The U.S. celebrated Data Privacy Day, where privacy and security have often been seen as two separate issues. This is evidenced by the way law has historically developed. At […] | |||
|
2022-02-25 14:42:54 | Nowhere to Hide: Detecting a Vishing Intrusion at a Retail Company (lien direct) | The CrowdStrike Falcon OverWatch™ 2021 Threat Hunting Report details the interactive intrusion activity observed by hunters from July 2020 to June 2021. While the report brings to light some of the new and innovative ways threat actors are gaining access into victim organizationâs networks, social engineering remains a tried and true method of gaining access […] | Threat | ||
|
2022-02-24 19:18:20 | Protecting Cloud Workloads with CrowdStrike and AWS (lien direct) | Migrating to the cloud has allowed many organizations to reduce costs, innovate faster and deliver business results more effectively. However, as businesses expand their cloud investments, they must adapt their security strategies to stay one step ahead of threats that target their expanded environment. Managing, securing and having visibility across endpoints, networks and workloads is […] | |||
|
2022-02-24 12:54:27 | Modernize Your Security Stack with the Falcon Platform (lien direct) | The job for CIOs, CISOs and their security and IT teams may be more complex than ever in 2022. Ongoing support for hybrid workforces, coupled with the continued shift to the cloud, has expanded the threat surface. At the same time, the infrastructure and environments supporting organizations are growing ever more vulnerable. According to the […] | Threat | ||
|
2022-02-23 13:31:21 | CrowdStrike Automates Vulnerability Remediation Processes While Enhancing SecOps Visibility (lien direct) | Adversaries are becoming more adept and sophisticated in their attacks. Taking advantage of vulnerabilities present in major software is often an attractive entry point for establishing a campaign within an enterprise environment. The CrowdStrike 2022 Global Threat Report highlights how adversaries continue to shift tradecraft and weaponize vulnerabilities to evade detection and gain access to […] | Vulnerability Threat | ||
|
2022-02-23 05:36:44 | Access Brokers: Who Are the Targets, and What Are They Worth? (lien direct) | Access brokers have become a key component of the eCrime threat landscape, selling access to threat actors and facilitating myriad criminal activities. Many have established relationships with big game hunting (BGH) ransomware operators and affiliates of prolific ransomware-as-a-Service (RaaS) programs. The CrowdStrike Intelligence team analyzed the multitude of access brokersâ advertisements posted since 2019 and […] | Ransomware Threat | ||
|
2022-02-22 17:26:36 | Why the Most Effective XDR Is Rooted in Endpoint Detection and Response (lien direct) | Extended detection and response (XDR) solutions deliver powerful capabilities to help security teams fight adversaries by increasing visibility, simplifying operations and accelerating identification and remediation across the security stack. XDR platforms gather and aggregate security data from a variety of sources to help detect and contain advanced attacks. But when it comes to efficiently analyzing […] | |||
|
2022-02-22 10:32:44 | CrowdStrike Research Investigates Exploit Behavior to Strengthen Customer Protection (lien direct) | CrowdStrike continuously observes and researches exploit behavior to strengthen protection for customers Code execution techniques constantly target Windows, Linux and macOS operating systems Successful remote/arbitrary code execution can enable a foothold for attackers to continue compromise Understanding and detecting post-exploit activity is imperative for keeping environments safe As technology continues to evolve rapidly, so do […] | |||
|
2022-02-18 09:04:41 | New Mercedes-AMG F1 W13 E Rises to the Challenge for Formula One 2022 (lien direct) | The year 2022 is a transformational one for F1. Itâs hard to overstate just how much has changed to the regulations that govern this sport â the fact that those regulations have doubled in size should give a clue. Having just witnessed one of the most thrilling and close-fought seasons in 2021, itâs important to […] | |||
|
2022-02-18 00:23:28 | How to Automate Workflows with Falcon Spotlight (lien direct) | Introduction Falcon Spotlight leverages the existing Falcon Agent to assess the status of vulnerabilities across the environment. While visibility and filtering capabilities are part of the user interface, this article will document integration options that CrowdStrike provides to help customers effectively operationalize Spotlightâs vulnerability findings. Video ï"¿ï"¿ï"¿ï"¿ï"¿ï"¿ï"¿ï"¿ï"¿ï"¿ï"¿ï"¿ Remediation Orchestration Using Falcon Fusion workflows, organizations can […] | Vulnerability |
To see everything:
Our RSS (filtrered)
