An adversary’s ability to live off the land — relying on the operating system’s built-in tooling and user-installed legitimate software rather than tooling that must be brought in — may allow them to navigate through a victim organization’s network relatively undetected. CrowdStrike Falcon OverWatch™ threat hunters are acutely aware of adversaries’ love of these living off the land binaries (LOLBins) and build their hunts accordingly.

Popular for compromising internet-connected devices and conducting distributed denial of service (DDoS) attacks, Mirai malware variants have been known to compromise devices that run on Linux builds ranging from mobile and Internet of Things (IoT) devices to cloud infrastructures.

As organizations increasingly move to hybrid cloud environments to increase agility, scale and competitive advantage, adversaries are correspondingly looking to exploit these environments.

CrowdStrike is proud to announce its recognition as an Overall Leader with the highest rating in the 2022 KuppingerCole Leadership Compass for vendors in the Endpoint Protection, Detection & Response (EPDR) market. The Overall Leadership ranking provides a combined view of ratings across Product, Innovation and Market Leadership categories. Our acknowledgement as an Overall Leader in this report underscores CrowdStrike’s continued leadership in EPDR and commitment to EPDR innovation.

The transaction details and monetization patterns of modern eCrime reveal critical insights for organizations defending against ransomware attacks. Cybercrime has evolved over the past several years from simple “spray and pray” attacks to a sophisticated criminal ecosystem centered around highly effective monetization techniques that enable adversaries to maximize success and profitability.

CrowdStrike is the only vendor to achieve the highest possible score of 18 points in protection, performance and usability out of all four tested vendors during the AV-TEST MacOS evaluation for business users in March 2022.

The MITRE ATT&CK matrix revolutionized security, providing a common language and taxonomy for companies and security vendors to use when talking about and measuring cybersecurity, with an emphasis on adversary behaviors. However, building a defensive strategy using this insight can be overwhelming due to its 14 tactics, 191 techniques and 386 sub-techniques, and often thousands of implementation procedures for each technique that change constantly.

Understanding the threat landscape and how threats behave is the first step CrowdStrike researchers take toward strengthening customer protection. They based the following threat landscape analysis on internal and open source data, which revealed that in 2021 the most commonly encountered macOS malware types were ransomware (43%), backdoors (35%) and trojans (17%). Each category is powered by a different motive: ransomware by money, backdoors by remote access and trojans by data theft. Figure 1.