CrowdStrike Counter Adversary Operations has been investigating a series of cyberattacks and strategic web compromise (SWC) operations targeting organizations in the transportation, logistics and technology sectors that occurred in October 2023. Based on a detailed examination of the malicious tooling used in these attacks, along with additional reporting and industry reports, CrowdStrike Intelligence attributes this activity to the IMPERIAL KITTEN adversary.

For many cybersecurity leaders, the most intimidating threat they encounter isn’t an adversary — it’s the daunting prospect of trying to win over key business stakeholders and obtain vital budget.

A federated identity provider is an outside service provider that has been entrusted by an organization as an authority regarding user authentication and identity management. In the context of a service that leverages single sign-on (SSO), when an individual user requests access to the service, the service contacts the identity provider (IdP) to validate the user’s identity.

At CrowdStrike, we’re on a mission to stop breaches. As adversaries weaponize vulnerabilities with increasing speed, organizations must accelerate their ability to identify security gaps and proactively manage their risk exposure before an adversary breaks in.

Ransomware is a scourge that is on track to inflict over $30 billion in damages in 2023. Businesses and organizations that are hit by a ransomware attack face a potentially devastating data breach, with system downtime, recovery, negative publicity and the likelihood of a ransom payment to deal with. Many small businesses are unable to recover from the ordeal and end up permanently shutting their doors within months of being hit.