The market-leading CrowdStrike Falcon® platform, applying a combination of advanced machine learning (ML), artificial intelligence (AI) and deep analytics across the trillions of security events captured in the CrowdStrike Security Cloud, has identified a new supply chain attack pattern during the installation of a chat based customer engagement platform.

The CrowdStrike Falcon Complete™ managed detection and response (MDR) team recently uncovered a creative and opportunistic interpretation of a watering hole attack that leverages GitHub to gain access to victim organizations. In the observed cases, there were no phishing emails, no exploitation of public-facing vulnerabilities, no malvertising and no compromised credentials.

In Part 1 of this four-part blog series examining wiper malware, the CrowdStrike Endpoint Protection Content Research Team introduced the topic of wipers, reviewed their recent history and presented common adversary techniques that leverage wipers to destroy system data. In Part 2, the team dove into third-party drivers and how they may be used to destroy system data.

The digital footprint of the modern organization is expanding at an unprecedented rate. The move to the cloud, Internet of Things (IoT), digital transformation, connected supply chain partners and related trends have led to an explosion of internet-facing assets. Cloud workloads, websites, user credentials, S3 buckets, SSL certificates, IoT, operational technology (OT), rogue IT devices, and more exist in the thousands across most organizations.

At CrowdStrike, we stop breaches. It’s a simple yet powerful promise to our customers, our partners and to the world. As thousands join us today in person at Fal.Con 2022 in Las Vegas, and thousands more watch remotely via livestream, it’s a promise that we want to reinforce and extend. As cyberattacks have grown more powerful and disruptive, the importance of stopping the breach has grown. Stopping the breach is about more than stopping a single attack.

Every second, as your IT systems run every facet of your business, they are also creating data related to the health, performance and security of the systems themselves. This information, known as log data, is vital to SecOps, ITOps and DevOps teams as they seek to understand how the IT environment is functioning — and how secure those assets are.

Another turbulent year for cybersecurity finds itself right at home alongside global economic headwinds and geopolitical tensions. This year has been defined by rampant affiliate activity, a seemingly endless stream of new vulnerabilities and exploits, and the widespread abuse of valid credentials. These circumstances have conspired to drive a 50% increase in interactive intrusion activity tracked by CrowdStrike Falcon OverWatch™ threat hunters this year.

As cyberattacks continue to grow relentlessly, enterprises have to continue improving their cyber defenses to stay one step ahead of the adversaries. One area that CISOs have recently started paying more attention is identity threat protection. This is not surprising considering 80% of modern attacks are identity-driven leveraging stolen credentials. In fact, identity threat detection and response is highlighted as one of the top trends in cybersecurity in 2022 by Gartner.

Threat hunting is a critical security function, a proactive measure to detect warning signs and head off attacks before a breach can occur. Scaling threat hunting capabilities involves quickly deriving actionable intelligence from a large number of behavioral data signals to identify gaps and reduce time to respond.