Preventable breaches are a common problem. According to research by Nagomi, a leader in the nascent field of automated security control assessment, 80% of breached organizations already had a tool in place that could have prevented it. One solution is to maximize the use of security tools they already have. Many enterprises grapple with ineffective and reactive security … [Read more...] about Falcon Fund Invests in Nagomi
Severe Flaws Disclosed in Brocade SANnav SAN Management Software
Apr 26, 2024NewsroomSupply Chain Attack / Software Security Several security vulnerabilities disclosed in Brocade SANnav storage area network (SAN) management application could be exploited to compromise susceptible appliances. The 18 flaws impact all versions up to and including 2.3.0, according to independent security researcher Pierre Barre, who discovered and reported … [Read more...] about Severe Flaws Disclosed in Brocade SANnav SAN Management Software
CrowdStrike and Google Cloud Expand Strategic Partnership
CrowdStrike and Google Cloud today debuted an expanded strategic partnership with a series of announcements that demonstrate our ability to stop cloud breaches with industry-leading AI-powered protection. These new features and integrations are built to protect Google Cloud and multi-cloud customers against adversaries that are increasingly targeting cloud environments. At a … [Read more...] about CrowdStrike and Google Cloud Expand Strategic Partnership
April 2024 Patch Tuesday: Updates and Analysis
Microsoft has released security updates for 150 vulnerabilities in its April 2024 Patch Tuesday rollout, a much larger amount than in recent months. There are three Critical remote code execution vulnerabilities (CVE-2024-21322, CVE-2024-21323 and CVE-2024-29053), all of which are related to Microsoft Defender for IoT, Microsoft’s security platform for IoT devices. April 2024 … [Read more...] about April 2024 Patch Tuesday: Updates and Analysis
Network Threats: A Step-by-Step Attack Demonstration
Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit … [Read more...] about Network Threats: A Step-by-Step Attack Demonstration
CrowdStrike Extends Identity Security Capabilities to Stop Attacks in the Cloud
Two recent Microsoft breaches underscore the growing problem of cloud identity attacks and why it’s critical to stop them. While Microsoft Active Directory (AD) remains a prime target for attackers, cloud identity stores such as Microsoft Entra ID are also a target of opportunity. The reason is simple: Threat actors increasingly seek to mimic legitimate users in the target … [Read more...] about CrowdStrike Extends Identity Security Capabilities to Stop Attacks in the Cloud
CrowdStrike Falcon Wins Best EDR Annual Security Award in SE Labs
CrowdStrike wins third consecutive Best Endpoint Detection and Response 2024 Award from SE Labs The award recognizes that the CrowdStrike Falcon® platform demonstrates consistent results in detecting real-world adversary tradecraft, both in SE Labs testing and in real-world scenarios CrowdStrike remains committed to participating in independent testing that provides … [Read more...] about CrowdStrike Falcon Wins Best EDR Annual Security Award in SE Labs
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
Apr 24, 2024NewsroomCyber Attack / Cyber Espionage The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) from at least 2016 to April 2021. This includes the front … [Read more...] about U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
What You Need to Know About the Critical PAN-OS Zero-Day
UPDATE: It has been confirmed that disabling telemetry will not block this exploit. Applying a patch as soon as possible is the most effective remediation for this vulnerability. Patches for 8 of the 18 vulnerable versions have been released; patches for the remaining vulnerable versions are expected by April 19th. CrowdStrike is constantly working to protect our customers from … [Read more...] about What You Need to Know About the Critical PAN-OS Zero-Day