Cyberveille, curated by Decio
27 results tagged crowdstrike
2023-05-31 // SITUATIONAL AWARENESS // Spyboy Defense Evasion Tool Advertised Online https://www.reddit.com/r/crowdstrike/comments/13wjrgn/20230531_situational_awareness_spyboy_defense/
31/05/2023 16:00:16

On May 21, 2023, an online persona named spyboy began advertising an endpoint defense evasion tool for the Windows operating system via the Russian-language forum Ramp. The author claims that the software — seen in a demonstration video as being titled “Terminator” — can bypass twenty three (23) EDR and AV controls. At time of writing, spyboy is pricing the software from $300 USD (single bypass) to $3,000 USD (all-in-one bypass).

CrowdStrike reddit EN 2023 EDR bypass XDR
CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers https://www.reddit.com/r/crowdstrike/comments/125r3uu/20230329_situational_awareness_crowdstrike/
30/03/2023 09:04:31

What Happened: On March 29, 2023, Falcon OverWatch observed unexpected malicious activity emanating from a legitimate …

reddit EN 2023 CrowdStrike Tracking Active Intrusion Campaign Targeting 3CX Customers
Shlayer Malware: Continued Use of Flash Updates https://www.crowdstrike.com/blog/shlayer-malvertising-campaigns-still-using-flash-update-disguise/
28/12/2022 02:49:09

Although Flash Player reached end of life for macOS in 2020, this has not stopped Shlayer operators from continuing to abuse it for malvertising campaigns.

crowdstrike EN 2021 Flash Player macOS Shlayer malvertising analysis IoCs
New Kiss-a-dog Cryptojacking Campaign Targets Docker and Kubernetes https://www.crowdstrike.com/blog/new-kiss-a-dog-cryptojacking-campaign-targets-docker-and-kubernetes/
22/12/2022 10:08:41

CrowdStrike has uncovered a new cryptojacking campaign targeting vulnerable Docker and Kubernetes infrastructure using an obscure domain from the payload, container escape attempt and anonymized “dog” mining pools.

Called “Kiss-a-dog,” the campaign used multiple command-and-control (C2) servers to launch attacks that attempted to mine cryptocurrency, utilize user and kernel mode rootkits to hide the activity, backdoor compromised containers, move laterally in the network and gain persistence. 

The CrowdStrike Falcon® platform helps protect organizations of all sizes from sophisticated breaches, including cryptojacking campaigns such as this. 

crowdstrike EN 2022 Kiss-a-dog Cryptojacking docker kubernetes
OverWatch Insights: Reviewing a New Intrusion Targeting Mac Systems https://www.crowdstrike.com/blog/overwatch-insights-reviewing-a-new-intrusion-targeting-mac-systems/
28/04/2022 14:07:04

While Mac enterprise networks are not as common as Windows, and subject to less targeting by adversaries, recent CrowdStrike Falcon Overwatch observations shed light on sophisticated tactics, techniques and procedures (TTPs) targeting Mac environments.

crowdstrike 2018 EN Mac macos tactics TTP Intrusion
PROPHET SPIDER Exploits Citrix ShareFile https://www.crowdstrike.com/blog/prophet-spider-exploits-citrix-sharefile/
16/03/2022 08:46:41

At the start of 2022, CrowdStrike Intelligence and CrowdStrike Services investigated an incident in which PROPHET SPIDER exploited CVE-2021-22941 — a remote code execution (RCE) vulnerability impacting Citrix ShareFile Storage Zones Controller — to compromise a Microsoft Internet Information Services (IIS) web server. The adversary exploited the vulnerability to deploy a webshell that enabled the downloading of additional tools. This incident highlights how PROPHET SPIDER continues to evolve their tradecraft while continuing to exploit known web-server vulnerabilities.

CrowdStrike PROPHETSPIDER EN 2022 CVE-2021-22941 RCE webshell ShareFile vulnerability Citrix
Linux-Targeted Malware Increases by 35% in 2021 https://www.crowdstrike.com/blog/linux-targeted-malware-increased-by-35-percent-in-2021/
15/02/2022 20:57:36

CrowdStrike has observed that malware targeting Linux-based systems increased by 35% in 2021. XorDDoS, Mirai and Mozi were the most common malware families.

CrowdStrike 2021 EN Linux XorDDoS Mirai Mozi malware