Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Move from a High-Cost Legacy SIEM to High-Speed Falcon LogScale

The fastest adversary can “break out” — or move laterally — in only seven minutes after compromising an endpoint. Yes, you heard that right. Seven minutes. In the relentless race against adversaries, every second counts. To avoid breaches, you need to detect and stop adversaries before they can break out and expand their realm of control.

Safeguarding K-12 Education: A Whole-of-State Approach to Cybersecurity for Chromebook-Centric School Districts

In today’s rapidly evolving digital landscape, K-12 school districts are harnessing the power of technology to transform education. The widespread adoption of Chromebooks has revolutionized the learning process, providing students with tools for collaboration, research and creativity. However, along with these advancements come unprecedented cybersecurity challenges that demand a comprehensive strategy.

The Windows Restart Manager: How It Works and How It Can Be Hijacked, Part 2

In the first part of this series, we provided a brief overview of the Windows Restart Manager. In this blog post, we examine how these mechanisms can be exploited by adversaries and review how the CrowdStrike Falcon platform can detect and prevent these attacks.

The Common Cloud Misconfigurations That Lead to Cloud Data Breaches

The cloud has become the new battleground for adversary activity: CrowdStrike observed a 95% increase in cloud exploitation from 2021 to 2022 and a 288% jump in cases involving threat actors directly targeting the cloud. Defending your cloud environment requires understanding how threat actors operate: how they’re breaking in and moving laterally, which resources they target and how they evade detection.

CrowdStrike Teams with the MITRE Engenuity Center for Threat-Informed Defense in Development of TRAM II

The MITRE ATT&CK framework provides the cybersecurity industry with a common language for describing adversary behaviors, making it invaluable for organizations building or operating cyber defenses, as well as advancing research across the threat landscape.

The Windows Restart Manager: How It Works and How It Can Be Hijacked, Part 1

Malware utilizes a multitude of techniques to avoid detection, and threat actors are continuously uncovering and exploiting new methods of attack. One of the less common techniques includes the exploitation of the Windows Restart Manager. To stay ahead of malicious authors, it is important to be aware of them and understand how they work.

Amid Sharp Increase in Identity-Based Attacks, CrowdStrike Unveils New Threat Hunting Capability

Adversaries are doubling down on identity-based attacks. According to Nowhere to Hide: CrowdStrike 2023 Threat Hunting Report, we’ve seen an alarming 583% year-over-year increase in Kerberoasting attacks — a form of identity-based threat — and a 147% increase in access broker advertisements on the dark web. Adversaries are evolving their tradecraft, building custom tooling and leveraging more than usernames and passwords to breach your environments.

CrowdStrike's Solution to Help School Districts Meet Cybersecurity Challenges

IT administrators and security teams are back to school and busy preparing for new students and new challenges. Technology is now an integral part of K-12 education — since the pandemic, ChromeOS devices like Chromebooks have revolutionized the learning experience, enabling students and educators to access a wealth of resources and collaborate seamlessly from almost anywhere, evolving the way students learn and teachers teach.

Three Ways to Enhance Your Cloud Security with External Attack Surface Management

The IT future is a cloudy one. Organizations are increasingly relying on cloud servers, as today’s IT environments use a combination of public and private clouds alongside on-premise infrastructure. Gartner® estimates that by 2026, 75% of organizations will adopt a digital transformation model predicated on the cloud as the fundamental underlying platform.