In the last article, I shared my favourite Brim ZQL queries to begin a threat hunting investigation in Zeek data. We covered pretty…
With attacks showing no signs of abating, some companies have begun offering services to help reduce ransom demands, buy more time, and arrange payments.
Moderated by Sean Gallagher, Senior Threat Researcher, Sophos
Join Jorge Orchilles, Chief Technology Officer at SCYTHE, for a two-hour Hands-On Purple Team Workshop on Thursday, October 29, 2020. In this two-hour hands-on workshop you will play the ...
This PCAP Analysis lab will walk you through finding adversary activity in network traffic captured at the perimeter of a victim network.
As we dive into Fal.Con 2020, we reflect on the key cloud security innovations announced at this year's conference and how they'll help our customers.
The Windows Update client has just been added to the list of living-off-the-land binaries (LoLBins) attackers can use to execute malicious code on Windows systems.
In the last installment of our three-part series, the Falcon Complete team provides QakBot countermeasures that can be deployed via the CrowdStrike Falcon platform.