Between 27 February through March 2021, CrowdStrike Intelligence observed the exploitation of Microsoft on-prem Exchange servers against dozens of victims. These victims are spread across a number of verticals with a heavy focus on organizations located in North America. CrowdStrike has uncovered at least six China-nexus adversaries and at least one e-Crime actor leveraging access to vulnerable Microsoft Exchange servers during this time frame...

How Intuitive Analytics Helps You Capitalize on Otherwise Missed Opportunities Join us on Tuesday, April 13th from 1:00 - 2:00 PEM EST for a Department of the Navy Oracle II Enterprise Software License Agreement (ESLA) and Technology Spotlight LIVE webinar hosted on MS Teams featuring Oracle Analytics and Business Intelligence. This webinar will include a brief introduction to DLT Solutions followed by a spotlight on the new era of business an...

Throughout 2020, ransomware increasingly threatened organizations in every industry worldwide – and the threat continues. In the 2021 Global Threat Report, CrowdStrike outlined a vast, interconnected eCrime ecosystem with criminal adversaries existing to support enterprise ransomware operations. Many of these adversaries specialize and work in concert with each other, combining malicious services, ransomware distribution methods and mone...

Since CrowdStrike collects a vast amount of benign meta-data, there are many non-security use cases you can tap into such as: Enterprise Software usage across the Organization. Identify unused software licenses aka “shelf-ware” to save money Identifying RPA (Robotic Process Automation) tasks across my users. i.e. finding menial and repetitive tasks end-users do and replace them with bots Finding Insights on Application Issues / Cra...

In addition to being a global health crisis, COVID-19 fundamentally altered the attack surface of organizations worldwide. As organizations transitioned from the office to a remote-workforce posture, adversaries levied tactics designed specifically to exploit the pandemic. Accordingly, this brief will cover how COVID has changed the attack surface as well as how organizations and government agencies can shore up their defenses.

In 2020, cyber adversaries exploited the global pandemic, accelerating attacks and introducing increasingly damaging tactics, techniques and procedures. The adversary activity observed around the world in the past year by CrowdStrike Intelligence is highlighted in our recently published 2021 Global Threat Report. CrowdStrike’s SVP of Intelligence, Adam Meyers, will do a deep dive into the notable threats, events and trends targeting the...

Today’s most advanced nation-state adversaries, to include groups originating from within Russia, China, Iran, and North Korea, are engaged in cyber operations that blur the lines between nation-state objectives and organized crime. Whereas many nations have difficulty controlling cyber-crime originating from within their borders, the above-aforementioned nations are complicit with several major organized crime groups. Accordingly, the p...

STIG & CIS compliance is tiresome and tedious work adding weeks and months to any ATO or RMF accreditation timeline. This crucial IA obligation is often underestimated and will cause program cost overruns which can hurt fixed price engagements. Automation allows System Integrators to claw back costs and accelerate deliverables – ConfigOS allows to rapidly gain compliance across low and high-side infrastructure, including air-gapped a...

Join us each month for a Department of the Navy Red Hat Enterprise Software License Agreement (ESLA) and Technology Spotlight LIVE webinar hosted on MS Teams. This webinar will include a brief introduction to DLT Solutions followed by a spotlight on a different technology, available on either the Unlimited License Agreement (ULA) or the Catalog. All webinars will be held between 1:00 PM - 2:00 PM EST and include time for Q&A. You will rece...

Join CrowdStrike for a deep dive into the nation-state threat landscape of Iran. Jason Rivera, Global Director - Strategic Threat Advisory Group at CrowdStrike, will give a brief on the broader geopolitical context for the latest Iranian cyber activities, an overview of the primary threat actors responsible for Iranian offensive cyber operations, and these actors’ TTPs (tactics, techniques, and procedures). He will also share mitigation...