AutoMacTC: Automating Mac Forensic Triage
Performing macOS incident response (IR) investigations can be challenging, considering the difficulties in quickly capturing, parsing and analyzing forensic data across disparate…
From The Front Lines
![Helping Non-Security Stakeholders Understand ATT&CK In 10 Minutes Or Less [VIDEO]](https://www.crowdstrike.com/blog/wp-content/uploads/2019/01/video-ATTCK2.png)
Helping Non-Security Stakeholders Understand ATT&CK in 10 Minutes or Less [VIDEO]
\ CrowdStrike® Falcon® detections now align with the MITRE ATT&CK™ framework, a valuable tool that provides consistent, industry-standard terminology for describing and…
Threat Actor “Magecart”: Coming to an eCommerce Store Near You
Threat actors that target eCommerce platforms to skim credit card information from online shoppers are commonly referred to under the umbrella threat…
Analyzing Targeted Intrusions Through the ATT&CK Framework Lens [VIDEO]
The security community is quickly adopting the MITRE ATT&CK framework as a standard way to categorize adversary intrusion behavior. However, one of…
eCrime Innovations: New Trends Increasing Profitability of Attacks
One of the major trends featured in the recent CrowdStrike® Services Cyber Intrusion Casebook notes attackers’ increased use of remote access tools…
INSIGHT: Cybersecurity Attacks, Prevention Call for Attorneys, Rapid Response Teams
Reproduced with permission. Published Jan. 8, 2019. Copyright 2019 The Bureau of National Affairs, Inc. 800-372-1033. To request permission to reuse or…
Digging into BokBot’s Core Module
Introduction BokBot, developed and operated by the actor named LUNAR SPIDER, was first observed in 2017 and the CrowdStrike’s Falcon® Overwatch™ and…
Adversary Extends Persistence by Modifying System Binaries
At the end of September 2018, the CrowdStrike® Falcon OverWatch™ team identified suspicious interactive activity on a Linux host within a customer’s…
Confessions of a Responder: The Hardest Part of Incident Response Investigations
It’s not the disk forensics. It’s not the log analysis. It’s not even the lawyers (we love working with law firms!). It’s…
Managed Threat Hunting Meets the Challenge of the Tenacious Adversary
Dealing with an active, dedicated adversary during an incident is very different than what many consider the more “traditional” incident response process…