You are invited to a Cloud Security Dev Day live virtual workshop with CrowdStrike and AWS! Join CrowdStrike and AWS for new insights and perspectives on the tactics and techniques in use by today's adversaries. You will see new developments that highlight the dynamic nature of the cybersecurity threats, and have a chance to roll up your sleeves and go HANDS-ON with the Falcon Platform to practice your own hunting and investigation techniques....

Over the last year, CrowdStrike has observed the emergence of malicious threat actor entities who are selling access into target environments. This access often pertains directly to the target’s network environment, to include the sale of login credentials, RDP login data, domain admin credentials, and more. Of note, CrowdStrike has specifically observed a surge in access broker targeting of state and federal government entities, which m...

According to Gartner, “the escalating sophistication of threats requires organizations touse multiple sources of data for threat detection and responses. Network-basedtechnologies enable technical professionals to obtain quick threat visibility across anentire environment...” Historically, security efforts have focused on the perimeter. With recent supply chainattacks, renewed focus on the interior threat surface necessitates impro...

Between 27 February through March 2021, CrowdStrike Intelligence observed the exploitation of Microsoft on-prem Exchange servers against dozens of victims. These victims are spread across a number of verticals with a heavy focus on organizations located in North America. CrowdStrike has uncovered at least six China-nexus adversaries and at least one e-Crime actor leveraging access to vulnerable Microsoft Exchange servers during this time frame...

Throughout 2020, ransomware increasingly threatened organizations in every industry worldwide – and the threat continues. In the 2021 Global Threat Report, CrowdStrike outlined a vast, interconnected eCrime ecosystem with criminal adversaries existing to support enterprise ransomware operations. Many of these adversaries specialize and work in concert with each other, combining malicious services, ransomware distribution methods and mone...

Since CrowdStrike collects a vast amount of benign meta-data, there are many non-security use cases you can tap into such as: Enterprise Software usage across the Organization. Identify unused software licenses aka “shelf-ware” to save money Identifying RPA (Robotic Process Automation) tasks across my users. i.e. finding menial and repetitive tasks end-users do and replace them with bots Finding Insights on Application Issues / Cra...

In addition to being a global health crisis, COVID-19 fundamentally altered the attack surface of organizations worldwide. As organizations transitioned from the office to a remote-workforce posture, adversaries levied tactics designed specifically to exploit the pandemic. Accordingly, this brief will cover how COVID has changed the attack surface as well as how organizations and government agencies can shore up their defenses.

In 2020, cyber adversaries exploited the global pandemic, accelerating attacks and introducing increasingly damaging tactics, techniques and procedures. The adversary activity observed around the world in the past year by CrowdStrike Intelligence is highlighted in our recently published 2021 Global Threat Report. CrowdStrike’s SVP of Intelligence, Adam Meyers, will do a deep dive into the notable threats, events and trends targeting the...

Today’s most advanced nation-state adversaries, to include groups originating from within Russia, China, Iran, and North Korea, are engaged in cyber operations that blur the lines between nation-state objectives and organized crime. Whereas many nations have difficulty controlling cyber-crime originating from within their borders, the above-aforementioned nations are complicit with several major organized crime groups. Accordingly, the p...

Federal agencies are fighting each and every day to stay one step ahead of our nation's adversaries. With new threats coming online every day, harnessing next-generation technology and practices is the only way to stop attackers in their tracks. During this interactive virtual event, Joshua Shapiro, Public Sector Intelligence SME at CrowdStrike, will cover the latest and most relevant intelligence trends pertaining to nation-state and criminal...