From The Front Lines  

In Part 1 of this two-part blog series, we addressed binary exploitation on Windows systems, including some legacy and contemporary mitigations that…

In Part 1 of this two-part “Tales from the Trenches” blog, we examined a stealthy Remote Desktop Protocol (RDP) intrusion uncovered by…

Welcome to the CrowdStrike® Falcon CompleteTM team’s first “Tales from the Trenches” blog, where we describe a recent intrusion that shows how…

Memory corruption exploits have historically been one of the strongest accessories in a good red teamer's toolkit. They present an easy win…

Over the past year, CrowdStrike® Services has observed threat actors increasingly targeting macOS environments — and using relatively unsophisticated methods to gain…

Since January 2020, the CrowdStrike® Falcon OverWatch™ managed threat hunting team has observed an escalation in hands-on-keyboard activity. The COVID-19 pandemic has…

This is Part 2 in a two-part blog series covering the CrowdStrike® Falcon Complete™ team’s ability to remotely remediate “TrickBot,” a modular…

The combination of commodity banking malware and ransomware is nothing new in the threat landscape. Adversaries continue to develop new tactics that…

Companies are increasingly relying on cloud-based infrastructure, especially as more of their employees are working remotely — and may continue to do…