(2020 – Future) Welcome to the third and final installment in our series looking at the past, present and future of Secure Network Analytics (formerly Stealthwatch). Today, we get to talk about the future. In parts one and two of this series, we covered Secure Network Analytics’ entry into the market in 2001, its evolution as a product and a company, and how that led to Cisco … [Read more...] about Secure Network Analytics (Stealthwatch) Then, Now and Beyond – Part 3: Into the Future
Secure Network Analytics (Stealthwatch) Then, Now and Beyond – Part 2: Behavioral Analytics Has its Day
(2012-2020) In part 1 of this series, we looked at the world we defended back in 2001 and how that shaped our initial product release. While the threat landscape of yesteryear was different in so many ways from the world we defend today, our objectives remain the same. This time, we will dive into the time period between 2012 and today (2020). The strategic bets we made early on … [Read more...] about Secure Network Analytics (Stealthwatch) Then, Now and Beyond – Part 2: Behavioral Analytics Has its Day
Threat Landscape Trends: Endpoint Security, Part 2
Part 2: LOLBins, operating systems, and threat types Being aware of what’s occurring on the threat landscape can be a valuable tool when it comes to defending your organization. If you’re well informed, that puts you in a good position to decide how best to protect your assets and allocate resources accordingly. While it’s important to stay up to date with the latest … [Read more...] about Threat Landscape Trends: Endpoint Security, Part 2
The Many Roads to a Cybersecurity Career: How These Experts Found Their Way Part 1
When we think of someone who works in cybersecurity, all too often the image we gravitate towards is perhaps a red teamer or a pen tester. In reality, there are so many more options available to those looking to help protect others online. From malware analysts to security advocates, from business and risk strategy to bloggers, the possibilities are endless. I think it’s … [Read more...] about The Many Roads to a Cybersecurity Career: How These Experts Found Their Way Part 1
How the Falcon Complete Team Stopped an RDP Attack [Part 1]
Welcome to the CrowdStrike® Falcon Complete™ team’s first “Tales from the Trenches” blog, where we describe a recent intrusion that shows how the Falcon Complete managed detection and response (MDR) service operates as an extension of the customer’s security team to quickly detect, investigate and contain an active attacker before they’re able to complete their goal. Once this … [Read more...] about How the Falcon Complete Team Stopped an RDP Attack [Part 1]
How the Falcon Complete Team Stopped an RDP Attack [Part 2]
In Part 1 of this two-part “Tales from the Trenches” blog, we examined a stealthy Remote Desktop Protocol (RDP) intrusion uncovered by CrowdStrike® Falcon Complete™ experts. In this installment, we’ll walk you through remediation efforts, highlighting Falcon Complete’s ability to directly eject a threat actor and bring the customer’s environment back to a clean, operational … [Read more...] about How the Falcon Complete Team Stopped an RDP Attack [Part 2]
The State of Exploit Development: Part 2
In Part 1 of this two-part blog series, we addressed binary exploitation on Windows systems, including some legacy and contemporary mitigations that exploit writers and adversaries must deal with in today’s cyber landscape. In Part 2, we will walk through more of the many mitigations Microsoft has put in place. Modern Mitigation #1: Page Table Randomization. As explained in Part … [Read more...] about The State of Exploit Development: Part 2
The State of Exploit Development: Part 1
Memory corruption exploits have historically been one of the strongest accessories in a good red teamer’s toolkit. They present an easy win for offensive security engineers, as well as adversaries, by allowing the attacker to execute payloads without relying on any user interaction. Fortunately for defenders, but unfortunately for researchers and adversaries, these types of … [Read more...] about The State of Exploit Development: Part 1
Automating Remote Remediation of TrickBot: Part 2
This is Part Two in a two-part blog series covering the CrowdStrike® Falcon Complete™ team’s ability to remotely remediate “TrickBot,” a modular trojan that is particularly devastating when paired with “Ryuk” ransomware. This deep dive analyzes an automated methodology that leverages the Falcon Real Time Response (RTR) API in addition to PowerShell and Python scripting in order … [Read more...] about Automating Remote Remediation of TrickBot: Part 2
Automating Remote Remediation of TrickBot: Part 1
The combination of commodity banking malware and ransomware is nothing new in the threat landscape. Adversaries continue to develop new tactics that enhance their capabilities to quickly spread malware infections across an environment, seize control of systems and hold organizations hostage pending a ransom payment. The adversary tracked as WIZARD SPIDER has used “big game … [Read more...] about Automating Remote Remediation of TrickBot: Part 1