CrowdStrike’s Real Time Response Expands Protections

Jun 19, 2020 by iHash Leave a Comment

Table of Contents

Introduction

Sinkholes can be used by both bad actors and system administrators alike. Bad actors can redirect systems to malicious domains and security admins can stop systems from reaching those domains. If remote employees are not using the corporate VPN, do security teams have the ability to manipulate system redirects and sinkhole malicious domains?

Video

https://www.youtube.com/watch?v=nk0T-8vKTnI

Remote system control is more important than ever

Remote workers can directly access cloud-based applications or use the internet to complete various tasks. This direct access minimizes the need to use the corporate VPN which can provide some level of protection against malicious domains. Since a remote system is not using the corporate firewall and may not always be connected to the VPN, there’s a greater risk of connecting to or being redirected to a malicious domain. An organization’s ability to protect that endpoint can be challenging.

When traditional security solutions – from a firewall to a web gateway – are not available for controlling and directing traffic, security admins and responders need alternative options. One option is to sinkhole the malicious domain and prevent systems from connecting to, or redirecting to it, regardless of the links that remote users click.

Security teams need comprehensive response capabilities to protect endpoints and prevent them from accessing known malicious domains.

Solution

CrowdStrike Real Time Response (available with Falcon Insight™ and Falcon Endpoint Protection Pro) enables responders to directly access remote endpoints and run a wide variety of commands including kill processes, remove files or directories, manipulate the Windows registry or even run custom scripts. With a simple script, responders can sinkhole a malicious domain to provide some network level security and protect users from navigating to it.

Closing

Get immediate time to value, extend your visibility and protect your organization regardless of physical location. Try CrowdStrike’s Falcon platform for free: https://go.crowdstrike.com/try-falcon-prevent.html

Content Provided by Anne Aarness

More resources

Source link

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Strengthen SMB Security with Seamless Mobile Protection

Small and medium-sized businesses (SMBs) face many of the same cybersecurity threats as large enterprises but often lack the resources to maintain robust security across all devices. As SMBs rely on a growing number of smartphones and tablets, they must defend against a range of mobile-focused cyberattacks. The need for comprehensive security has never […]

How Real-Time Data Analytics and AI Are Transforming Heavy Equipment Operations

The demand for streamlined equipment operations is more apparent as industrial processes have become more complex and diversified. Data analysis and AI are transforming how all industries operate, promoting productivity and enhancing performance. These technological advances automate operations and allow businesses to allocate more resources to service improvement, customer service and innovations. Real-time data analysis […]

Shazam hits 100 billion song recognitions

Shazam has now officially surpassed over 100 billion song recognitions since it launched. To help put that into perspective: That’s equivalent to 12 songs identified for every person on Earth. A person would need to use Shazam to identify a song every second for 3,168 years to reach 100 billion. That’s more than 2,200x the […]

Apple shares the most popular podcasts of 2024

Today, Apple shared the most popular podcasts of 2024, with year-end charts localized for listeners in nearly 100 countries and regions. The 2024 charts are available in the Browse tab through the end of the year, and include the top podcasts overall, the top new shows that debuted this year, the most followed shows, the […]

Unveiling LIMINAL PANDA – Threats to Telecom Sector

On Tuesday, November 19, 2024, Adam Meyers, CrowdStrike Senior Vice President of Counter Adversary Operations, will testify in front of the U.S. Senate Judiciary Subcommittee on Privacy, Technology, and the Law on Chinese cyber threats to critical infrastructure. Within his testimony, Adam will speak publicly for the first time about a China-nexus state-sponsored actor that […]

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal. “At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly utilizing small office/home office (SOHO) routers […]

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate. Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

CrowdStrike’s Real Time Response Expands Protections

Introduction

Video

Remote system control is more important than ever

Solution

Closing

More resources

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

Introduction

Video

Remote system control is more important than ever

Solution

Closing

More resources

How to Contain an Infected System

Share this:

Reader Interactions

Leave a ReplyCancel reply