Top news of the week: 21.10.2021.
MITRE ATT&CK
Many Paths, One Goal: Forging a Career in Cybersecurity
We asked four of CrowdStrike’s finest analysts and threat hunters to share their experiences in cybersecurity and their thoughts on the industry's evolution.
Sysmon vs Microsoft Defender for Endpoint, MDE Internals 0x01
It is not a big secret that we at FalconForce work a lot with, and are big fans of, both Microsoft Defender for Endpoint (MDE) and…
New Microsoft Sysmon report in VirusTotal improves security
Today, following the 25th year anniversary of Microsoft Sysinternals, we are announcing the general availability of a new Microsoft Sysmon report in VirusTotal. Whether you’re an IT ...
MITRE ATT&CK technique coverage with Sysmon for Linux
Thanks to Kevin Sheldrake, Roberto Rodriguez, Jessen Kurien and Ofer Shezaf for making this blog possible. For many years, people have been using Sysmon on their Windows systems to gain ...
How AI Can Stop Zero-Day Ransomware
Ransomware attacks are unpredictable. AI is better at figuring out what looks malicious and abnormal than humans will ever be.
IcedID to XingLocker Ransomware in 24 hours
In this intrusion, we observed the threat actors use multiple DLL Beacons that would call out to different Cobalt Strike C2 channels. The threat actors used batch scripts during the ...
'Clumsy' BlackByte Malware Reuses Crypto Keys, Worms Into Networks
Discovered during a recent incident response engagement, the malware avoids Russian computers and uses a single symmetric key for encrypting every compromised system.
Loss Prevention Teams Up With Cybersecurity to Address Retail Fraud
As retailers roll out more "buy online, pickup in-store" options, loss prevention professionals are increasingly shifting their attention from in-store theft to e-commerce fraud.