From The Front Lines  

This blog is Part 2 of a three-part blog series detailing the reemergence and evolution of QakBot in the spring and summer…

Adversaries constantly develop new tactics that enhance their capabilities to deploy malware across networked environments and monetize infected systems. This blog is…

In recent months, CrowdStrike® Services has observed a continued increase in the use of Cobalt Strike by eCrime and nation-state adversaries to…

CrowdStrike® Falcon OverWatch™ has released its new report, 2020 Threat Hunting Report: Insights from the CrowdStrike Falcon OverWatch Team. Now in its…

In this blog, we describe a recent incident that highlights the CrowdStrike® Falcon Complete™ team’s ability to act as an extension of…

As of macOS 10.12 Sierra, incident responders have been able to turn to a new endpoint log source for investigative answers: the…

In Part 1 of this two-part blog series, we addressed binary exploitation on Windows systems, including some legacy and contemporary mitigations that…

In Part 1 of this two-part “Tales from the Trenches” blog, we examined a stealthy Remote Desktop Protocol (RDP) intrusion uncovered by…

Welcome to the CrowdStrike® Falcon CompleteTM team’s first “Tales from the Trenches” blog, where we describe a recent intrusion that shows how…

Memory corruption exploits have historically been one of the strongest accessories in a good red teamer's toolkit. They present an easy win…