Digging into BokBot’s Core Module
Introduction BokBot, developed and operated by the actor named LUNAR SPIDER, was first observed in 2017 and CrowdStrike’s Falcon® OverWatch™ and…
At the end of September 2018, the CrowdStrike® Falcon OverWatch™ team identified suspicious interactive activity on a Linux host within a customer’s…
It’s not the disk forensics. It’s not the log analysis. It’s not even the lawyers (we love working with law firms!). It’s…
Dealing with an active, dedicated adversary during an incident is very different from what many consider the more “traditional” incident response process…
"Continuous integration (CI) is the process of automating the build and testing of code every time a team member commits a change."…
The discovery by security researchers in March 2018 of a PDF sample that contains exploits for two zero-day vulnerabilities has confirmed that…
A new report from the CrowdStrike® Falcon® OverWatch™ team, “Observations from the Front Lines of Threat Hunting,” offers a unique perspective on…
For the last two decades or more, cybersecurity and its failures have directly impacted organizations’ bottom lines. The call for boards of directors…
Kovter is a well-known form of click-fraud malware that has been around for years. While it is mostly nuisance malware, it…
Introduction Analysts who perform macOS forensics have had few, if any, artifacts of program execution to rely on during investigations — until…