This briefing will cover the Big 4 nation-state threat actors, which are Russia, China, Iran, and North Korea. We will discuss how these nations have evolved their offensive cyber capabilities over the last year, how they have shifted (or maintained) their targeting objectives, as well as how the 4 have affected different industries across the commercial and government sectors.

While companies have embraced more endpoint and multifactor authentication (MFA) solutions in their security architecture, they don’t always see incidents as they happen — especially those involving service accounts and lateral movement. Recent attacks targeting identity and supply chain automation have made it clear that the next level of preparedness and risk mitigation must include reviewing and strengthening identity security t...

Over the last year, CrowdStrike has observed the emergence of malicious threat actor entities who are selling access into target environments. This access often pertains directly to the target’s network environment, to include the sale of login credentials, RDP login data, domain admin credentials, and more. Of note, CrowdStrike has specifically observed a surge in access broker targeting of state and federal government entities, which m...

Cybersecurity Maturity Model Certification (CMMC) requirements are beginning to appear in DoD contracts now and will be a mandatory requirement in all DoD contracts by FY26. The time to prepare is now to attain “Maturity” in CMMC. Join our panel of registered practitioners and C3PAO experts, as they share their first-hand experiences in preparing for their own organizations’ CMMC requirements, and therefore preparing for the...

According to Gartner, “the escalating sophistication of threats requires organizations touse multiple sources of data for threat detection and responses. Network-basedtechnologies enable technical professionals to obtain quick threat visibility across anentire environment...” Historically, security efforts have focused on the perimeter. With recent supply chainattacks, renewed focus on the interior threat surface necessitates impro...

Between 27 February through March 2021, CrowdStrike Intelligence observed the exploitation of Microsoft on-prem Exchange servers against dozens of victims. These victims are spread across a number of verticals with a heavy focus on organizations located in North America. CrowdStrike has uncovered at least six China-nexus adversaries and at least one e-Crime actor leveraging access to vulnerable Microsoft Exchange servers during this time frame...

Throughout 2020, ransomware increasingly threatened organizations in every industry worldwide – and the threat continues. In the 2021 Global Threat Report, CrowdStrike outlined a vast, interconnected eCrime ecosystem with criminal adversaries existing to support enterprise ransomware operations. Many of these adversaries specialize and work in concert with each other, combining malicious services, ransomware distribution methods and mone...

Since CrowdStrike collects a vast amount of benign meta-data, there are many non-security use cases you can tap into such as: Enterprise Software usage across the Organization. Identify unused software licenses aka “shelf-ware” to save money Identifying RPA (Robotic Process Automation) tasks across my users. i.e. finding menial and repetitive tasks end-users do and replace them with bots Finding Insights on Application Issues / Cra...

In addition to being a global health crisis, COVID-19 fundamentally altered the attack surface of organizations worldwide. As organizations transitioned from the office to a remote-workforce posture, adversaries levied tactics designed specifically to exploit the pandemic. Accordingly, this brief will cover how COVID has changed the attack surface as well as how organizations and government agencies can shore up their defenses.

In 2020, cyber adversaries exploited the global pandemic, accelerating attacks and introducing increasingly damaging tactics, techniques and procedures. The adversary activity observed around the world in the past year by CrowdStrike Intelligence is highlighted in our recently published 2021 Global Threat Report. CrowdStrike’s SVP of Intelligence, Adam Meyers, will do a deep dive into the notable threats, events and trends targeting the...