Introduction As organizations shift to supporting more remote workers, protection policies for laptops and systems that are no longer behind traditional perimeter defenses need to be updated. Can administrators quickly and easily update policies to ensure continuous protection for these remote systems? Video Protection Without Complexity is More Important … [Read more...] about Flexible Policy Management for Remote Systems
remote
Automating Remote Remediation of TrickBot: Part 2
This is Part Two in a two-part blog series covering the CrowdStrike® Falcon Complete™ team’s ability to remotely remediate “TrickBot,” a modular trojan that is particularly devastating when paired with “Ryuk” ransomware. This deep dive analyzes an automated methodology that leverages the Falcon Real Time Response (RTR) API in addition to PowerShell and Python scripting in order … [Read more...] about Automating Remote Remediation of TrickBot: Part 2
Automating Remote Remediation of TrickBot: Part 1
The combination of commodity banking malware and ransomware is nothing new in the threat landscape. Adversaries continue to develop new tactics that enhance their capabilities to quickly spread malware infections across an environment, seize control of systems and hold organizations hostage pending a ransom payment. The adversary tracked as WIZARD SPIDER has used “big game … [Read more...] about Automating Remote Remediation of TrickBot: Part 1
Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking
A new research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely.The reported flaws could potentially let bad actors achieve full control over the Guacamole server, intercept, and control all other connected … [Read more...] about Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking
Threat Intelligence to Protect a Remote Workforce
Introduction Adversaries are preying on the fear and disruption caused by the coronavirus pandemic. Their use of COVID-19-related phishing lures with promises of aid or information is now commonplace. In addition, the rapid pivot of organizations to work-from-home has created opportunities for adversaries to probe for security gaps in the newly deployed infrastructure. How can … [Read more...] about Threat Intelligence to Protect a Remote Workforce
New Partnership Secures Remote Workforce With Integrated Solution
CrowdStrike, Netskope, Okta and Proofpoint are joining together to help better safeguard organizations by delivering an integrated, Zero Trust security strategy that is designed to protect today’s dynamic and remote working environments at scale. The sudden shift to a remote workforce due to the COVID-19 pandemic has driven many organizations to accelerate their multi-year … [Read more...] about New Partnership Secures Remote Workforce With Integrated Solution
CrowdStrike’s Real Time Response Enables Remote Remediation
Introduction Remote systems can be easy targets for attackers. When these systems are compromised, responders need to work quickly to understand the attack and take action to remediate. The responders need remote system visibility and access since users can’t walk a laptop over to IT. Do responders have the visibility and context they need to understand the threat? Can they … [Read more...] about CrowdStrike’s Real Time Response Enables Remote Remediation
THREAT HUNTING WITH A REMOTE WORKFORCE
Introduction In the world of cybersecurity, adversaries and defenders are constantly trying to outmaneuver each other and gain strategic advantage. For example, attackers are keenly aware that the shift to work-from-home has placed tremendous pressure on security teams and realize that now is the time to exploit potential infrastructure and security gaps caused by this … [Read more...] about THREAT HUNTING WITH A REMOTE WORKFORCE
Remote Access Trojans – Cisco Blog
You’re working for a high-profile technology company, close to releasing a market-changing product to the public. It’s a highly contested space, with many competitors, both domestic and international. There’s also a lot of buzz in the media and online speculation on the scope and impact your new product will have. And it goes without question that customers are keen to know … [Read more...] about Remote Access Trojans – Cisco Blog
SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks
Until now, I'm sure you all might have heard of the SimJacker vulnerability disclosed exactly a month ago that affects a wide range of SIM cards and can remotely be exploited to hack into any mobile phone just by sending a specially crafted binary SMS.If you are unaware, the name "SimJacker" has been given to a class of vulnerabilities that resides due to a lack of … [Read more...] about SIM Cards in 29 Countries Vulnerable to Remote Simjacker Attacks