Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Can an Attack Start Without Malware? 82% of Attacks Do

Apr 2, 2026 By CrowdStrike In CrowdStrike
What looks like a simple coding task can quickly turn into a real cyberattack. In this demo, we show how a modern malware-free attack works step by step. It starts with something that feels completely normal: a job interview and a small coding assignment. No suspicious files. No obvious malware. But once the script is executed, everything changes. You’ll see how adversaries use trusted tools like Git, Notepad, and Python to gain access, establish command and control, and move inside an environment without being detected at first.
View Video
CrowdStrike

Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management

Apr 1, 2026 By Dr. Beth Williams In CrowdStrike
Microsoft has announced the retirement of the Windows UEFI CA 2011 certificate and the transition to the Windows UEFI CA 2023 certificate, with hard enforcement beginning in 2026. This update is part of Microsoft’s ongoing effort to preserve the integrity of the Windows Secure Boot trust chain and ensure continued delivery of boot-level security updates. For enterprise IT teams, this is not simply a certificate replacement.
Read Post
CrowdStrike

STARDUST CHOLLIMA Likely Compromises Axios npm Package

Apr 1, 2026 By Counter Adversary Operations In CrowdStrike
On March 31, 2026, a threat actor used stolen maintainer credentials to compromise the widely used HTTP client library Axios Node Package Manager (npm) package and deploy platform-specific ZshBucket variants. CrowdStrike Counter Adversary Operations attributes this activity to STARDUST CHOLLIMA with moderate confidence based on the adversary’s deployment of updated variants of ZshBucket (malware uniquely attributed to STARDUST CHOLLIMA) and overlaps with known STARDUST CHOLLIMA infrastructure.
Read Post

Outpacing Modern Adversaries with the CrowdStrike Agentic SOC

Mar 31, 2026 By CrowdStrike In CrowdStrike
Adversaries are weaponizing AI, accelerating tradecraft and moving from access to impact at machine speed. As breakout times collapse to seconds, security teams cannot rely on manual processes or static automation to keep up. Meet the CrowdStrike Agentic SOC, a new operating model built for the AI era.
View Video
CrowdStrike

Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse

Mar 31, 2026 By Yan Linkov In CrowdStrike
CVE-2026-20929, a vulnerability with a CVSS of 7.5 that was patched in the January 2026 Patch Tuesday update, enables attackers to exploit Kerberos authentication relay through DNS CNAME record abuse. This blog focuses on detecting one particularly impactful attack vector: relaying authentication to Active Directory Certificate Services (AD CS) to enroll certificates for user accounts, as detailed in recent research.
Read Post

The Future of Cybersecurity in the Agentic World | George Kurtz and Dan Ives

Mar 30, 2026 By CrowdStrike In CrowdStrike
In his conversation with Dan Ives, Wedbush’s Global Head of Technology Research, CrowdStrike CEO and founder George Kurtz explains why security, visibility and guardrails are the key to unlocking enterprise AI adoption - and why customers are looking to CrowdStrike to help them move faster. Subscribe and stay updated!
View Video
CrowdStrike

How Charlotte AI AgentWorks Fuels Security's Agentic Ecosystem

Mar 25, 2026 By Lucia Stanham In CrowdStrike
The era of human-speed defense is over. With eCrime breakout times collapsing to as fast as 27 seconds and attacks from AI-powered adversaries increasing 89% year-over-year, the traditional SOC has reached a breaking point. Manual processes, fragmented tools, and rule-based playbooks were built for a different era. Today, if your defense depends on human reaction time, you’re not just behind — you’re at risk.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.