Redefining Incident Response in the Modern Era
CrowdStrike Incident Response (IR) services see firsthand why organizations facing today’s evolving threat landscape require advanced capabilities to detect, respond to, and remediate cyberattacks in near real time. These observations continue to shape our approach to delivering unparalleled incident response. In this blog, we detail how CrowdStrike IR has evolved to …
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing malware. The activity, the tech giant said, started in December 2024 and operates with the end goal of conducting financial fraud …
Build Smarter Threat Detection with Next-Gen SIEM
SOC teams across businesses, industries, and geographies share the same goal: stop cyberattacks before damage is done. But for those with legacy SIEMs, this goal is nearly impossible to achieve. While powerful, legacy SIEMs demand an overwhelming investment of time, resources, and expertise to set up and maintain. Legacy SIEMs force SOC teams to manually define every …
Understanding the Quantum Threat to Network Security
Confidentiality is a fundamental pillar of information security. In sensitive deployments, such as those involving federal governments, military and defense agencies, and large financial institutions, the demand for confidentiality extends well beyond the typical 5 to 10 years, often reaching 20 years or more. The same also applies to telecom operators and …
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
Mar 12, 2025 | Ravie Lakshmanan | Cyber Espionage / Vulnerability
The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure. "The backdoors had varying custom capabilities, …
March 2025 Patch Tuesday: Updates and Analysis
Actively Exploited Zero-Day Vulnerability in Microsoft Management Console
Microsoft Management Console received a patch for CVE-2025-26633, which has a severity of Important and a CVSS score of 7.0. This RCE vulnerability could allow a remote attacker to run arbitrary code on a victim machine after tricking a victim into either opening a malicious file from an email or …
How to store cryptocurrency after the Bybit hack
February 21 was a dark day for the crypto market as it suffered the largest heist in its history. Attackers made off with around $1.5 billion from Bybit, the world’s second-largest crypto exchange, with experts citing it as the biggest theft – of anything – of all time. Although neither this loss nor the withdrawal of a further $5 billion by panicked investors was fatal for …
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. "The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates," Check Point said in a new analysis. "More than 1,600 victims were affected …
Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials
Mar 10, 2025 | Ravie Lakshmanan | Cybersecurity / Malware
Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on. "The polymorphic extensions create a pixel perfect replica of the target's icon, HTML popup, workflows and even temporarily disables the legitimate extension, making it extremely …
How Industry Leaders are Stopping Identity Attacks
The CrowdStrike 2025 Global Threat Report highlights the ongoing threat of identity-based attacks. Adversaries are increasingly exploiting stolen credentials to evade detection, and 79% of detections overall were classified as malware-free. Valid account abuse became the primary initial access method in 35% of cloud intrusions. The report also shares that access broker …