Mac Attacks Along the Kill Chain: Credential Theft [VIDEO]
This blog is the third in a series from CrowdStrike’s RSA 2019 keynote, “Hacking Exposed: Hacking Macs,” where I joined CrowdStrike’s…
This blog shares information on some examples of how the CrowdStrike® Falcon® OverWatch™ team has observed the open-source tool known as Mimikatz…
BokBot: Proxy Module
This article is a continuation of CrowdStrike’s recent blog, “Digging Into BokBot’s Core Module,” and provides a detailed analysis…
Performing macOS incident response (IR) investigations can be challenging, considering the difficulties in quickly capturing, parsing and analyzing forensic data across disparate…
CrowdStrike® Falcon® detections now align with the MITRE ATT&CK™ framework, a valuable tool that provides consistent, industry-standard terminology for describing and…
Threat actors that target eCommerce platforms to skim credit card information from online shoppers are commonly referred to under the umbrella threat…
The security community is quickly adopting the MITRE ATT&CK framework as a standard way to categorize adversary intrusion behavior. However, one of…
One of the major trends featured in the recent CrowdStrike® Services Cyber Intrusion Casebook notes attackers’ increased use of remote access tools…
Reproduced with permission. Published Jan. 8, 2019. Copyright 2019 The Bureau of National Affairs, Inc. 800-372-1033. To request permission to reuse or…
Introduction: BokBot, developed and operated by the actor named LUNAR SPIDER, was first observed in 2017 and CrowdStrike’s Falcon® OverWatch™ and…