Threat Actor “Magecart”: Coming to an eCommerce Store Near You
Threat actors that target eCommerce platforms to skim credit card information from online shoppers are commonly referred to under the umbrella threat…
From The Front Lines
![Analyzing Targeted Intrusions Through The ATT&CK Framework Lens [VIDEO]](https://www.crowdstrike.com/blog/wp-content/uploads/2019/01/video-ATTCK2.png)
Analyzing Targeted Intrusions Through the ATT&CK Framework Lens [VIDEO]
The security community is quickly adopting the MITRE ATT&CK framework as a standard way to categorize adversary intrusion behavior. However, one of…
eCrime Innovations: New Trends Increasing Profitability of Attacks
One of the major trends featured in the recent CrowdStrike® Services Cyber Intrusion Casebook notes attackers’ increased use of remote access tools…
INSIGHT: Cybersecurity Attacks, Prevention Call for Attorneys, Rapid Response Teams
Reproduced with permission. Published Jan. 8, 2019. Copyright 2019 The Bureau of National Affairs, Inc. 800-372-1033. To request permission to reuse or…
Digging into BokBot’s Core Module
Introduction BokBot, developed and operated by the actor named LUNAR SPIDER, was first observed in 2017 and the CrowdStrike’s Falcon® Overwatch™ and…
Adversary Extends Persistence by Modifying System Binaries
At the end of September 2018, the CrowdStrike® Falcon OverWatch™ team identified suspicious interactive activity on a Linux host within a customer’s…
Confessions of a Responder: The Hardest Part of Incident Response Investigations
It’s not the disk forensics. It’s not the log analysis. It’s not even the lawyers (we love working with law firms!). It’s…
Managed Threat Hunting Meets the Challenge of the Tenacious Adversary
Dealing with an active, dedicated adversary during an incident is very different than what many consider the more “traditional” incident response process…
Your Jenkins Belongs to Us Now: Abusing Continuous Integration Systems
"Continuous integration (CI) is the process of automating the build and testing of code every time a team member commits a change."…
Leveraging Falcon Sandbox to Detect and Analyze Malicious PDFs Containing Zero-Day Exploits
The discovery by security researchers in March 2018 of a PDF sample that contains exploits for two zero-day vulnerabilities has confirmed that…