An In-Depth Analysis of Samsam Ransomware and BOSS SPIDER
Introduction This analysis provides an in-depth view of the Samsam ransomware, which is developed and operated by the actor tracked by CrowdStrike®…
From The Front Lines
Trying to Dance the Samba: An Exercise in Weaponizing Vulnerabilities
Introduction This blog tells the story of a failed Samba exploitation attempt. The goal was to assess what it would take for…
Hidden Administrative Accounts: BloodHound to the Rescue
Defending an organization from today’s sophisticated attacks is no easy task. It often requires security teams to be ready at a moment’s…
Cryptomining: Harmless Nuisance or Disruptive Threat?
Cryptocurrencies are in high demand. The usage and monetary value of Bitcoin, Litecoin, Ethereum, and many others have skyrocketed worldwide. The increase…
IR Team Investigations Uncover eCrime Use of Nation-State Attack Methods
The much-anticipated CrowdStrike® Cyber Intrusion Services Casebook for 2017 offers detailed accounts of some of the cases the CrowdStrike Services incident response…
Chip Flaws Spectre and Meltdown are Actually Three Vulnerabilities and Proving Hard to Mitigate
The latest computer flaws to make global headlines are ominously titled “Spectre” and “Meltdown” and they represent a unique breed of trouble,…
![Renowned Author And Cybersecurity Pioneer Clifford Stoll Mesmerizes At Fal.Con [VIDEO]](https://www.crowdstrike.com/blog/wp-content/uploads/2017/12/1.jpg)
Renowned Author and Cybersecurity Pioneer Clifford Stoll Mesmerizes at Fal.Con [VIDEO]
Read Video Transcript As his Ted Talk biography states, “When Clifford Stoll speaks, you can’t help but listen.” This video of his…
BadRabbit MS17-010 Exploitation Part Two: Elevate Privileges
Overview This post continues the technical analysis of the BadRabbit ransomware attacks discussed in Part One of this two-part series. Part…
BadRabbit MS17-010 Exploitation Part One: Leak and Control
Overview On October 23, 2017, CrowdStrike® became aware of a new type of ransomware called BadRabbit. The initial infection occurred via…
CCleaner Stage 2: In-Depth Analysis of the Payload
Overview Recently, CrowdStrike® analyzed the backdoor embedded in the legitimate PC cleaning utility CCleaner version 5.33, as reported in the blog…