Mac Attacks Along the Kill Chain: Credential Theft [VIDEO]
This blog is the third in a series from CrowdStrike’s RSA 2019 keynote, “Hacking Exposed: Hacking Macs,” where I joined CrowdStrike’s…
![Mac Attacks Along The Kill Chain: Credential Theft [VIDEO]](https://www.crowdstrike.com/blog/wp-content/uploads/2019/04/Blog-Image-CredTheft-Demo.png)
From The Front Lines
Mimikatz in the Wild: Bypassing Signature-Based Detections Using the “AK47 of Cyber”
This blog shares information on some examples of how the CrowdStrike® Falcon® OverWatch™ team has observed the open-source tool known as Mimikatz…
Interception: Dissecting BokBot’s “Man in the Browser”
BokBot: Proxy Module This article is a continuation of CrowdStrike’s recent blog, “Digging Into BokBot’s Core Module,” and provides a detailed analysis…
AutoMacTC: Automating Mac Forensic Triage
Performing macOS incident response (IR) investigations can be challenging, considering the difficulties in quickly capturing, parsing and analyzing forensic data across disparate…
![Helping Non-Security Stakeholders Understand ATT&CK In 10 Minutes Or Less [VIDEO]](https://www.crowdstrike.com/blog/wp-content/uploads/2019/01/video-ATTCK2.png)
Helping Non-Security Stakeholders Understand ATT&CK in 10 Minutes or Less [VIDEO]
\ CrowdStrike® Falcon® detections now align with the MITRE ATT&CK™ framework, a valuable tool that provides consistent, industry-standard terminology for describing and…
Threat Actor “Magecart”: Coming to an eCommerce Store Near You
Threat actors that target eCommerce platforms to skim credit card information from online shoppers are commonly referred to under the umbrella threat…
Analyzing Targeted Intrusions Through the ATT&CK Framework Lens [VIDEO]
The security community is quickly adopting the MITRE ATT&CK framework as a standard way to categorize adversary intrusion behavior. However, one of…
eCrime Innovations: New Trends Increasing Profitability of Attacks
One of the major trends featured in the recent CrowdStrike® Services Cyber Intrusion Casebook notes attackers’ increased use of remote access tools…
INSIGHT: Cybersecurity Attacks, Prevention Call for Attorneys, Rapid Response Teams
Reproduced with permission. Published Jan. 8, 2019. Copyright 2019 The Bureau of National Affairs, Inc. 800-372-1033. To request permission to reuse or…
Digging into BokBot’s Core Module
Introduction BokBot, developed and operated by the actor named LUNAR SPIDER, was first observed in 2017 and the CrowdStrike’s Falcon® Overwatch™ and…