One of the most prevalent threats today, facing both organizations and individuals alike, is the use of ransomware. In 2021, 37% of organizations said they were victims of some type of ransomware attack. Ransomware can render large amounts of important data inaccessible nearly instantly. This makes reacting to potential ransomware events in a timely and accurate manner extremely important. Utilizing an endpoint security tool is critical to help mitigate these threats.

CrowdStrike is proud to announce its recognition as an Overall Leader with the highest rating in the 2022 KuppingerCole Leadership Compass for vendors in the Endpoint Protection, Detection & Response (EPDR) market. The Overall Leadership ranking provides a combined view of ratings across Product, Innovation and Market Leadership categories. Our acknowledgement as an Overall Leader in this report underscores CrowdStrike’s continued leadership in EPDR and commitment to EPDR innovation.

The first months of 2022 began slowly for privacy, but by the end of the first quarter we had our marching orders for the rest of the year. In the U.S., we saw an explosion of state privacy bills being put forward (again), the Senate utilized a seldom used maneuver to push President Biden’s Federal Trade Commission nominee through to confirmation, and Utah became the fourth state to enact comprehensive privacy legislation.

Web applications across the digital world are teeming with vulnerabilities increasingly equipped to defeat security mechanisms. Among them are injection attacks. We are aware of the many injection vulnerabilities present in a web application, for example, SQL injection, HTML injection, CRLF injection, cross-site scripting and many others. This article will discuss CRLF injection vulnerability in detail for web application security.

Without a doubt, partnering with third parties has many advantages, including boosting the functionalities and performance of an organization. But despite the benefits, third parties also introduce a host of risks to an organization, potentially disrupting operations, affecting financial standing, and harming reputation. An understanding of third-party risk management regulations is essential in order to protect your organization from a security breach and maintain a positive security posture.

It’s been more than a year since the PlayStation 5, Xbox Series X and Xbox Series S hit store shelves. These releases, combined with the ongoing pandemic, have led to an unprecedented number of people turning to gaming to spend their free time. But with that increase comes more interest from scammers hoping to take advantage of unsuspecting customers.

In this blog post, we will discuss what ransomware is, how it is used and the risks associated with it. We will also provide tips on how to protect yourself from ransomware attacks. If you prefer to watch Liam explain Ransomware in two minutes, click here.

On Tuesday, May 10, 2022, security researcher Oliver Lyak published a PoC exploit for CVE- 2022-26923, a privilege escalation vulnerability impacting Active Directory Domain Services with a CVSS score of 8.8 and high severity. The vulnerability allows a threat actor who has already compromised a user account to elevate privileges to Domain Admin, if Active Directory Certificates Services is running on the domain. Microsoft patched the vulnerability in May’s Patch Tuesday release.

Security is a critical, if somewhat overwhelming, task for any organization. As products grow and teams expand, the challenge of maintaining a security posture at scale increases as well. This is where automation comes in. The ability to automate security tasks offers obvious benefits such as increased speed, while also driving deeper shifts in a company’s culture and processes.