Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

How Defenders Can Hunt for Malicious JScript Executions: A Perspective from OverWatch Elite

An adversary’s ability to live off the land — relying on the operating system’s built-in tooling and user-installed legitimate software rather than tooling that must be brought in — may allow them to navigate through a victim organization’s network relatively undetected. CrowdStrike Falcon OverWatch™ threat hunters are acutely aware of adversaries’ love of these living off the land binaries (LOLBins) and build their hunts accordingly.

Hunting a Global Telecommunications Threat: DecisiveArchitect and Its Custom Implant JustForFun

The security landscape is constantly developing to provide easier ways to establish endpoint visibility across networks through the use of endpoint detection and response (EDR) utilities. However, certain challenges still remain, particularly as a result of many organizations' need for systems running legacy or proprietary operating systems, such as Solaris. If such systems are not adequately protected using other security controls or unless they can only be accessed by systems with appropriate endpoint-based detection/prevention capabilities, this can cause a gap in visibility for an organization that an adversary could abuse.

Mirai Malware Variants for Linux Double Down on Stronger Chips in Q1 2022

Popular for compromising internet-connected devices and conducting distributed denial of service (DDoS) attacks, Mirai malware variants have been known to compromise devices that run on Linux builds ranging from mobile and Internet of Things (IoT) devices to cloud infrastructures.

CrowdStrike Named an Overall Leader in 2022 KuppingerCole Leadership Compass for EPDR Market

CrowdStrike is proud to announce its recognition as an Overall Leader with the highest rating in the 2022 KuppingerCole Leadership Compass for vendors in the Endpoint Protection, Detection & Response (EPDR) market. The Overall Leadership ranking provides a combined view of ratings across Product, Innovation and Market Leadership categories. Our acknowledgement as an Overall Leader in this report underscores CrowdStrike’s continued leadership in EPDR and commitment to EPDR innovation.

Follow the Money: How eCriminals Monetize Ransomware

The transaction details and monetization patterns of modern eCrime reveal critical insights for organizations defending against ransomware attacks. Cybercrime has evolved over the past several years from simple “spray and pray” attacks to a sophisticated criminal ecosystem centered around highly effective monetization techniques that enable adversaries to maximize success and profitability.

CrowdStrike Falcon Pro for Mac Achieves Highest Score in AV-TEST MacOS Evaluation for Business Users (March 2022)

CrowdStrike is the only vendor to achieve the highest possible score of 18 points in protection, performance and usability out of all four tested vendors during the AV-TEST MacOS evaluation for business users in March 2022.

Featured Post

Proactive Threat Hunting Bears Fruit: Falcon OverWatch Detects Novel IceApple Post-Exploitation Framework

The CrowdStrike Falcon OverWatch™ proactive threat hunting team has uncovered a sophisticated .NET-based post-exploitation framework, dubbed IceApple. Since OverWatch's first detection in late 2021, the framework has been observed in multiple victim environments in geographically distinct locations, with intrusions spanning the technology, academic and government sectors.

CrowdStrike Partners with Center for Threat-Informed Defense to Reveal Top Attack Techniques Defenders Should Prioritize

The MITRE ATT&CK matrix revolutionized security, providing a common language and taxonomy for companies and security vendors to use when talking about and measuring cybersecurity, with an emphasis on adversary behaviors. However, building a defensive strategy using this insight can be overwhelming due to its 14 tactics, 191 techniques and 386 sub-techniques, and often thousands of implementation procedures for each technique that change constantly.

macOS Malware Is More Reality Than Myth: Popular Threats and Challenges in Analysis

Understanding the threat landscape and how threats behave is the first step CrowdStrike researchers take toward strengthening customer protection. They based the following threat landscape analysis on internal and open source data, which revealed that in 2021 the most commonly encountered macOS malware types were ransomware (43%), backdoors (35%) and trojans (17%). Each category is powered by a different motive: ransomware by money, backdoors by remote access and trojans by data theft. Figure 1.