Category: https://www.crowdstrike.com/blog/feed

This article has been indexed from https://www.crowdstrike.com/blog/feed Public sector organizations continue to deal with a threat landscape unlike any we’ve seen before. They’re being targeted in increasingly stealthy and sophisticated cyberattacks from both nation-state and eCrime adversaries. And at the…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published June 16, 2021 on humio.com. Humio is a CrowdStrike Company. A log is a computer-generated file that captures activity within the operating system or software applications. The log file…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed Thibault Martin-Lagardette is no stranger to big ideas. Within his first year at CrowdStrike, he successfully pitched the idea of building our market-leading CrowdStrike Falcon® product for iOS. Three years in, he’s now…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed If you’re interested in starting a career in cybersecurity, then this is a can’t-miss 5 Questions. Here we sit down with EMEA Recruitment Partner Amy Bird to talk about what she looks for…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published Aug. 7, 2020 on humio.com. Humio is a CrowdStrike Company. John visits with Junaid Sheriff, Bloomreach Product Manager for Cloud. Bloomreach helps companies around the world to grow online revenue by…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed Introduction Public cloud environments are excellent targets for cryptojacking. With the proper access, an adversary can take advantage of expensive, quickly provisioned virtual resources without detection. CrowdStrike’s Cloud Security Posture Management solution, Falcon…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed How our engineering team overcame scaling limitations and improved reliability in our high-throughput, asynchronous data processing pipeline Apache Kafka is a high-throughput, low-latency distributed messaging system with support for multiple, de-coupled producers and…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed Malvertising campaigns delivering Shlayer malware for macOS are still ongoing, despite the patching of a critical zero-day vulnerability (CVE-2021-30657) abused for months to compromise victims by dodging built-in OS protections such as Gatekeeper…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed In our latest installment of 5 Questions, we sit down with Aparna Chaudhari to learn more about her role, what she’s learned during her time at CrowdStrike and why a more diverse workforce…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed CrowdStrike Falcon Pro™ for Mac recently won a fourth consecutive Approved Security Product award from leading independent testing organization AV-Comparatives, achieving 99.8% Mac malware protection. The AV-Comparatives Mac Security Test and Review 2021…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published June 3, 2021 on humio.com. Humio is a CrowdStrike Company. Federal government requests more budget for cybersecurity in wake of continued cyber attacks Just a few weeks ago,…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed The month of July 2021 has been particularly challenging for organizations relying on Microsoft products. Along with the ongoing PrintNightmare out-of-band patch bypass situation affecting Windows Print Spooler, attackers are targeting other Microsoft…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed As part of June’s Patch Tuesday, an update for CVE-2021-1675 “Windows Print Spooler Remote Code Execution Vulnerability” was published. However, weeks later, researchers uncovered that the CVE-2021-1675 patch did not address many of…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published March 20, 2020 on humio.com. Humio is a CrowdStrike Company. This week, John talks with Miguel Adams, a Security Engineer at a US government agency. Miguel shares his…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed Managed service providers (MSPs) provide extremely important and valuable services by assisting organizations with information technology related tasks such as provisioning software or Active Directory accounts. Yet despite all of the benefits an…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed The global pandemic has accelerated the need for security transformation, and public sector agencies have found themselves targeted by attackers more than ever. In response, the recent U.S. Executive Order on Improving the…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published June 28, 2021 on humio.com. Humio is a CrowdStrike Company. In this episode, we talk with industry veteran and CrowdStrike CTO, Michael Sentonas about the decision to acquire…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed For years, ransomware was a nuisance that impacted individuals who were unfortunate enough to encounter it via banking trojans, exploit kits or phishing attacks and resulted in a large number of small-value ransoms…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed Kaseya, makers of popular IT software used by managed service providers (MSPs), was recently affected by an REvil ransomware attack CrowdStrike associates REvil ransomware to the PINCHY SPIDER threat actor  CrowdStrike Falcon® platform…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published June 28, 2021 on humio.com. Humio is a CrowdStrike Company. I recently had the pleasure of speaking with CrowdStrike CTO Michael Sentonas for Episode 47 of our The Hoot podcast…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed Introduction Falcon Spotlight, CrowdStrike’s vulnerability management module, leverages the existing agent to provide real time vulnerability assessment of managed hosts. That vulnerability data is available in the CrowdStrike UI, but can also be…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed One common challenge facing cloud engineers is how to develop and run tests that are distributed across multiple clusters, teams, environments or services. The use of new technologies, like containerized workloads and services…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed When Garry Bodsworth started at CrowdStrike nearly four years ago, he was our company’s first cloud engineer in the UK. Since that time, our engineering team has expanded and evolved — and so…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published April 13, 2021 on humio.com. Humio is a CrowdStrike Company. Humio software engineers Thomas Anagrius and Jeroen Engels sat down to talk about why they got involved with…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed June is Pride Month in the U.S., a time to give the metaphorical mic to people within the LGBTQIA+ community who want to share their perspectives and experiences. Joining us today for a…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published July 31, 2020 on humio.com. Humio is a CrowdStrike Company. As fintech solutions have proliferated in the financial service industry, one of the emerging keys to growing a…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed The CrowdStrike Services team is excited to announce the release of AutoMacTC 1.2.0 to the community. AutoMacTC was originally released in March 2019 to help incident responders investigate intrusions on macOS systems. Read…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published Dec. 30, 2019 on humio.com. Humio is a CrowdStrike Company. Observability. It’s a buzzword that has been making the rounds in the IT Ops, DevOps, and Security Ops space…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed CrowdStrike recently observed a ransomware sample borrowing implementations from previous HelloKitty and FiveHands variants and using a Golang packer compiled with the most recent version of Golang (Go1.16, released mid-February 2021). These ransomware…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed The term “threat hunting” is increasingly thrown around the cybersecurity industry as a catch-all for any proactive or human-lead defensive security measures. This is evidenced by the SANS 2020 Threat Hunting Survey, in…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published Nov. 10, 2017 on humio.com. Humio is a CrowdStrike Company. Cloud native applications are giving teams the right abstractions to deploy software faster than ever before possible. These…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published on humio.com. Humio is a CrowdStrike Company. “There are a lot of use cases — everything from support asking day-to-day questions to running reports, looking for trends, pattern…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed Countless headlines report what we already know all too well: No matter how advanced cybersecurity prevention tools are, with enough motivation, time and resources, adversaries will eventually devise a way to get through…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed In this blog, we describe a string of recent incidents in which the CrowdStrike Falcon Complete™ team observed a financially motivated eCrime operator (likely WIZARD SPIDER) use compromised external remote services (Microsoft Remote…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed Like many of our regions around the world, CrowdStrike Japan is growing at a steady clip. Over the past year, our team there more than doubled — and more hires are expected to…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published Nov. 16, 2020 on humio.com. Humio is a CrowdStrike Company. Using log management to provide a vital record of operations and proactively detect performance and security issues is…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed ZIP files are a known vector for phishing campaigns, ransomware and other malicious action.  Because the format isn’t generally executable (minus self-extracting ZIPs), it hasn’t gotten as much attention as executable formats. This…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed May 25, 2021, marked three years since the European Union’s General Data Protection Regulation, commonly referred to as GDPR, went into effect. Though GDPR was built on longstanding European and international data protection…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed As the threat environment rapidly evolves with more targeted and sophisticated attacks on the supply chain and critical infrastructure, the U.S. Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) is even more…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed In 2020, CrowdStrike Services observed the continued evolution and proliferation of eCrime adversaries engaging in big game hunting (BGH) ransomware techniques. This trend is continuing into 2021 — a recent high-profile example is…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed “You can’t be what you can’t see.”  It’s a saying that has been circulating in networking events and professional development seminars — particularly those geared toward women, people of color, and other underrepresented…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed At CrowdStrike, it’s not uncommon for employees to have multifaceted roles. Just ask Will Kormos, a computer engineer whose job straddles the line between SDET and DevOps.  In this latest installment in our…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published May 6, 2021 on humio.com. Humio is a CrowdStrike Company. For this episode of The Hoot, we were joined by Simon Phillips, a security operations expert and distinguished…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed Why “Alerts as Code” is a winning strategy for system maintenance and analysis  While running multiple, independent clouds offers organizations many important benefits such as resiliency, flexibility and scalability, operating such an environment…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed This blog was originally published April 29, 2021 on humio.com. Humio is a CrowdStrike Company. At Humio, our web client is written in Elm, a pure, functional programming language that compiles to JavaScript.…

Read more →

This article has been indexed from https://www.crowdstrike.com/blog/feed June is Pride Month, which for many LGBTQ+ people is a time to honor the past, celebrate the progress that’s been made and chart the course forward. Here to share her perspectives on…

Read more →

When you work for a fast-paced organization such as CrowdStrike, people tend to wear many hats. On paper, Emily Baker is the Regional Alliance Manager based out of Sydney. But day-to-day, she plays the part of sales strategist, conflict resolution……

Read more →

RSA Conference 2021 is zooming closer! Our engines have been running at race speed preparing to deliver an action-packed virtual event. Be at the ready for our exciting announcements, including advancements in identity protection and Zero Trust, cloud security advancements……

Read more →

This blog describes a recent incident that highlights the CrowdStrike Falcon Complete™ team’s ability to act as an extension of a customer’s security team to quickly detect, triage and contain an active attacker before it was able to achieve its……

Read more →

CrowdStrike’s position as a cybersecurity pioneer and innovator has we believe been reaffirmed in the Gartner 2021 Magic Quadrant for Endpoint Protection Platforms (EPP), released today. This recognition is the second consecutive time that CrowdStrike has been named a Leader……

Read more →

Organizations adopting cloud-native applications face an increasingly diverse and sophisticated threat landscape, in addition to proliferating devices and expanding remote workforces. Meeting these challenges requires deeper integration between cloud services and security solutions, with an equally shared responsibility for securing……

Read more →

Introduction Cloud Security Posture Management products help companies monitor for various human errors and misconfigurations across public cloud environments. To maximize the value of any CSPM solution, the findings need to be consumable, actionable and incorporated into daily operations. Video……

Read more →

How will your security team react when a sophisticated adversary has you in their sights? Will your team act in time to stop the breach? In last year’s MITRE Engenuity ATT&CK® Evaluation vs. COZY BEAR, we talked about the importance……

Read more →

The threat landscape is constantly evolving, with an increase in incidents and breaches being reported rapidly across industries. In 2020, the number of data breaches soared from a decade ago, according to Statista: over 1,000 breaches compared to 662 in……

Read more →

Read the original article: Channel Account Manager Brearna Leopold on the Power of Seizing Every Opportunity

Read more →

Read the original article: Blocking Fileless Script-based Attacks Using CrowdStrike Falcon’s Script Control Feature

Read more →

Read the original article: Explore the Adversary Universe Since the beginning of CrowdStrike’s history, we have relentlessly pursued cyber adversaries across the internet, because we knew back when we started the company as we do now, it doesn’t matter whether…

Read more →

Read the original article: University Recruiter Julie Slater on how to make entry-level hiring more equitable Most university recruiters would describe their jobs as rewarding or exciting — perhaps even fun. But a word that doesn’t often make the list…

Read more →

Read the original article: To Get Cloud Security Cooking, You Need The Right Recipe For Success Slow down a development team with security, and expect to be greeted with a wave of frustration. Between a lack of integration of security tools…

Read more →

Read the original article: Mapping It Out: Analyzing the Security of eBPF Maps Extended Berkeley Packet Filter, or eBPF, is a fascinating part of the Linux kernel that has seen rapid growth and improvement over the last few years. Originally…

Read more →

Read the original article: 2021 Global Threat Report: Analyzing a Year of Chaos and Courage Everyone reading this will likely remember the year 2020 for the rest of their lives. It was a year of hardship and grief for many,…

Read more →

Read the original article: CrowdStrike Redefines True XDR With Humio Acquisition Read about the acquisition of Humio Richer data, and the correlations that it can unlock, are the key to XDR. Focused on the Adversary — Not the Acronym As…

Read more →

Read the original article: CrowdStrike Falcon X Recon Introduction Criminal underground digital economies are hidden throughout the recesses of the internet. To find the activity of these malicious actors, not only do you need to search the open web, but…

Read more →

Read the original article: Don’t Get Schooled: Understanding the Threats to the Academic Industry The academic and education industry is large and complex. It comprises a diverse range of institutions, from elementary schools through to research organizations, and spans both…

Read more →

Read the original article: Container Security with CrowdStrike Introduction Organizations are shifting towards cloud-native architectures to meet the efficiency and scalability needs of today. But along with the adoption of containers, microservices, and Kubernetes comes increased risks such as poor…

Read more →

Read the original article: February 2021 Patch Tuesday: Updates for Zerologon and Notable CVE-2021-1732 While the total number of patches Microsoft delivered in its “Patch Tuesday” update this month is lower than usual, it included some sorely needed fixes —…

Read more →

Read the original article: How Identity Analyzer Improves Cloud Security Introduction The growing use of public cloud infrastructure not only expands the attack surface, but it also increases the management complexity and risk. As demonstrated with the Sunburst attack, the…

Read more →

Read the original article: Press #1 to Play: A Look Into eCrime Menu-style Toolkits The year 2020 has seen an accelerated uptick in eCrime activity, as well as an obvious shift in eCrime adversaries engaging in big game hunting (BGH)…

Read more →

Read the original article: A Conversation with Carla Brown on How CrowdStrike Can Advance Its Diversity Agenda and Reduce Economic Disparity in the Black Community Almost everyone in the tech world can agree that the industry needs to do more…

Read more →

Read the original article: So You Think Your Containers Are Secure? Four Steps to Ensure a Secure Container Deployment The need for speed and agility in today’s digital business requires changes to IT infrastructure, most notably the shift to cloud-native…

Read more →

Read the original article: How to Stay Cyber Aware of Weaknesses and Vulnerabilities in Your Environment Identifying and remediating vulnerabilities is a fundamental step towards creating a secure IT environment. Building a successful vulnerability management program, however, requires more than…

Read more →

Read the original article: Sales Engineering Manager Shigeru Suzuki on Working Remotely, the Challenges of Cybersecurity and Becoming a Trusted Advisor to Clients For CrowdStrike Sales Engineering Manager Shigeru Suzuki, working remotely is somewhat uncommon in Japan where he’s based.…

Read more →

Read the original article: Falcon X Recon: Mitigating Digital Risk on the Deep, Dark Web and Beyond Organizations face a myriad of risks brought about by the digital transformation of their business. These risks include digital fraud, data theft exposure,…

Read more →

Read the original article: Blocking SolarMarker Backdoor In this blog, we take a look at a recent detection that was blocked by the CrowdStrike Falcon® platform’s next-generation antivirus (NGAV). SolarMarker* backdoor features a multistage, heavily obfuscated PowerShell loader, which leads…

Read more →

Read the original article: Falcon X Recon: Exposing Digital Risk on the Deep, Dark Web and Beyond Organizations face a myriad of risks brought about by the digital transformation of their business. These risks include digital fraud, data theft exposure,…

Read more →

Read the original article: “Fake It ‘Til You Make It?” Not at CrowdStrike. Welcome to the Women of CrowdStrike blog series, a roundup of the latest tips, career advice and growth stories from inspiring leaders across the company.  At some…

Read more →

Read the original article: Check for Vulnerability Exposure to CVE-2021-3156 (Baron Samedit) with Falcon Spotlight A new, significant vulnerability was recently discovered, hiding in plain sight. CVE 2021-3156, also known as Baron Samedit, is considered potentially serious. The Cybersecurity &…

Read more →

Read the original article: Notification Workflows with CrowdStrike Introduction With the increase in sophistication of today’s threat actors, security teams are overwhelmed by an ever growing number of alerts. This causes alert fatigue and slows down threat identification and remediation,…

Read more →

Read the original article: The Celebration of Influential Black Women from the Civil Rights Era February is Black History Month, a time to reflect on notable figures in black history. Black heroes like Frederick Douglass, Harriet Tubman, Dr. Martin Luther…

Read more →

Read the original article: Solving the Complexity of Azure Identity: Horizon Identity Analyzer There are a lot of complexities when managing identity in Microsoft Azure, primarily in gaining end-to-end visibility of what a user can do and what properties are…

Read more →

Read the original article: Skeletons in the IT Closet: Seven Common Microsoft Active Directory Misconfigurations that Adversaries Abuse The modern IT organization has a wide variety of responsibilities and competing priorities. As a result, cybersecurity is often overlooked in favor…

Read more →

Read the original article: Dealing with Out-of-memory Conditions in Rust We recently integrated new functionality into our CrowdStrike Falcon sensor that was implemented in Rust. Rust is a relatively young language with several features focused on safety and security. Calling…

Read more →

Read the original article: Data Protection Day: Harnessing the Power of Big Data Protection Data Protection Day — known as Data Privacy Day outside of Europe — marks an opportunity to assess data privacy, use, access and controls for individuals…

Read more →

Read the original article: Pwn2Own: A Tale of a Bug Found and Lost Again In October 2020, the Pwn2Own Tokyo 2020 announcement caught our attention. Even though originally we hadn’t planned to participate, we checked out the target list and…

Read more →

Read the original article: Building Culture Without the Office: Five Best Practices for Creating a Positive and Engaging Culture in the COVID Era and Beyond As COVID-19 continues to accelerate the shift to home-based work, creating and maintaining a positive…

Read more →

Read the original article: Detecting and Preventing Kernel Attacks Any cyberattack can have a significant impact on business operations, but perhaps none are as sophisticated as kernel attacks.  Kernel attacks exploit the zero-day operating system vulnerabilities in the kernel or…

Read more →

Read the original article: Stellar Performances: How CrowdStrike Machine Learning Handles the SUNSPOT Malware The CrowdStrike® Intelligence team recently published its findings on a sophisticated supply chain attack. In a nutshell, the adversary planted a malicious file, dubbed SUNSPOT, on…

Read more →

Read the original article: Herpaderping: Security Risk or Unintended Behavior?  The answer to that question often depends on who you ask. By definition, process herpaderping is a hacking technique in which digital adversaries modify on-disk content after the image has…

Read more →

Read the original article: Sales Development Lead Alena Crumpacker on the Key Difference Between Scalability and Company Growth For CrowdStrike Senior Manager of Enterprise Sales Development Alena Crumpacker, there’s a difference between working at a company that is primed for…

Read more →

Read the original article: Security Advisory: MSRPC Printer Spooler Relay (CVE-2021-1678) On Patch Tuesday, January 12, 2021, Microsoft released a patch for CVE-2021-1678, an important vulnerability discovered by CrowdStrike® researchers. This vulnerability allows an attacker to relay NTLM authentication sessions…

Read more →

Read the original article: What The Queen’s Gambit Teaches Us About the Importance of Diversity in Business Are you one of the nearly 70 million people around the world who has watched The Queen’s Gambit on Netflix? Or perhaps you’ve…

Read more →

Read the original article: Seeing Malware Through the Eyes of a Convolutional Neural Network Motivation Deep learning models have been considered “black boxes” in the past, due to the lack of interpretability they were presented with. However, in the last…

Read more →

Read the original article: Offering Our People Autonomy, Mastery and Purpose: Patrick McCormack, SVP Cloud Engineering When deciding to take a new job, one of the biggest concerns is often who you’ll be working for — not just the company…

Read more →

Read the original article: The Critical Role of Cybersecurity in M&A: Part 2, Pre-Close This is Part 2 of our three-part blog series on the critical importance of cybersecurity in the M&A process. Part 1 addressed due diligence, and in…

Read more →

Read the original article: A Behind-the-Scenes Look at the Life of a CrowdStrike Engineer with Sorabh Lall, Senior Engineer Cybersecurity is all about anomalies — and perhaps no one can prove that point better than Sorabh Lall. As a senior…

Read more →

Read the original article: Learning How to Problem-Solve at Scale and Embrace a World of Continuous Change with Morgan Maxwell, Cloud Engineer At CrowdStrike, we sometimes like to say, “There’s data, big data and CrowdStrike data,” by which we mean…

Read more →

Read the original article: CrowdStrike Plans to Advance Zero Trust Capabilities with Acquisition of Preempt Security In 2020, we saw a rapid shift to digital transformation, accelerating the adoption of cloud technologies across industries. This secular technology trend has increased…

Read more →

Read the original article: Double Trouble: Ransomware with Data Leak Extortion, Part 1 The most prominent eCrime trend observed so far in 2020 is big game hunting (BGH) actors stealing and leaking victim data in order to force ransom payments…

Read more →

Read the original article: Go Beyond Today’s Cybersecurity at Fal.Con 2020 Fal.Con 2020 is less than six weeks away, and we have lots of news to share about our 4th annual CrowdStrike® Cybersecurity Conference on October 15! Fal.Con 2020 has…

Read more →

Read the original article: New Report: Falcon OverWatch Threat Hunting Leaves Adversaries with Nowhere to Hide CrowdStrike® Falcon OverWatch™ has released its new report, 2020 Threat Hunting Report: Insights from the CrowdStrike Falcon OverWatch Team. Now in its third year,…

Read more →