Native Java Bytecode Debugging without Source Code

At CrowdStrike, we’ve seen a moderate increase in Java-based malware recently, with Remote Access Tools (RATs) like Adwind becoming increasingly…

Through the Window: Creative Code Invocation

Recently, while analyzing a targeted attack, CrowdStrike observed an interesting code invocation technique that we want to describe here. This…

Increased Cyber Targeting Expected Out of China

Talk about a rough week - last week was one of cyber turmoil for the Chinese government.  First, on 21…

Actionable Indicators for Detection of Signs of Compromise from Target-related Breaches

A lot of press stories and blogs have been written about the Target breach in the last month after Brian…

Protected Processes Part 3: Windows PKI Internals (Signing Levels, Scenarios, Signers, Root Keys, EKUs & Runtime Signers)

In this last part of our series on protected processes in Windows 8.1, we’re going to be taking a look…

CrowdStrike VirusTotal Feed Management System

CrowdStrike is pleased to announce the upcoming release of a new tool aimed at assisting researchers in the collection and…

The Evolution of Protected Processes Part 2: Exploit/Jailbreak Mitigations, Unkillable Processes and Protected Services

In this continuing series on the improvements of the protected process mechanism in Windows, we’ll move on past the single…

Analysis of a CVE-2013-3906 Exploit

Many of CrowdStrike’s customers are often targeted by email phishing campaigns and strategic web compromises (also known as watering-hole attacks).…

What Has Been Accomplished on Cyber Legislation?

In response to the growing cyber threat, Congress has been busy drafting legislation.  Last year alone our representatives introduced more…

The Evolution of Protected Processes – Part 1: Pass-the-Hash Mitigations in Windows 8.1

It was more than six years ago that I first posted on the concept of protected processes, making my opinion of this poorly…
