The Current State of Exploit Development, Part 2
In Part 1 of this two-part blog series, we addressed binary exploitation on Windows systems, including some legacy and contemporary mitigations that…
In Part 1 of this two-part blog series, we addressed binary exploitation on Windows systems, including some legacy and contemporary mitigations that…
In Part 1 of this two-part “Tales from the Trenches” blog, we examined a stealthy Remote Desktop Protocol (RDP) intrusion uncovered by…
Welcome to the CrowdStrike® Falcon CompleteTM team’s first “Tales from the Trenches” blog, where we describe a recent intrusion that shows how…
Memory corruption exploits have historically been one of the strongest accessories in a good red teamer's toolkit. They present an easy win…
Over the past year, CrowdStrike® Services has observed threat actors increasingly targeting macOS environments — and using relatively unsophisticated methods to gain…
Since January 2020, the CrowdStrike® Falcon OverWatch™ managed threat hunting team has observed an escalation in hands-on-keyboard activity. The COVID-19 pandemic has…
This is Part 2 in a two-part blog series covering the CrowdStrike® Falcon Complete™ team’s ability to remotely remediate “TrickBot,” a modular…
The combination of commodity banking malware and ransomware is nothing new in the threat landscape. Adversaries continue to develop new tactics that…
Companies are increasingly relying on cloud-based infrastructure, especially as more of their employees are working remotely — and may continue to do…
June 5, 2020 UPDATE Blog update following the release of the testimony by Shawn Henry, CSO and President of CrowdStrike Services, before…