Latin America (LATAM) is a growing market, and threat actors have used numerous eCrime malware variants to target users in this region. Over the past few years, many researchers have characterized the tactics, techniques and procedures (TTPs) of widespread Latin America malware families, including but not limited to Mispadu, Grandoreiro, Mekotio, Casbaneiro, Metamorfo and Astaroth.

The CrowdStrike Global Threat Report, now in its tenth iteration, examines how adversaries’ behavior poses an ever-expanding risk to the security of organizations’ data and infrastructure. Armed with this critical information, organizations are better equipped to face evolving threats. Stealth was the pervading theme of the 2023 threat landscape.

It is a common refrain in security circles that “nobody loves their vulnerability management tool.” CrowdStrike may have just proved to be the exception. We are proud to announce that CrowdStrike is the only vendor named a Customers’ Choice in the 2024 Gartner “Voice of the Customer” Report for Vulnerability Assessment. In this report, CrowdStrike is the only vendor placed in the upper right quadrant, meaning we received a Customers’ Choice Distinction.

According to a 2023 Forbes article, 12.7% of U.S. workers work remotely and 28.2% have adopted a hybrid work schedule. As device and usage trends continue to shift, organizations must find ways to secure remote endpoints that could grant adversaries access if left vulnerable.

As organizations shift their applications and operations to the cloud and increasingly drive revenues through software, cloud-native applications and APIs have emerged among the greatest areas of modern security risk.

As organizations move more of their business-critical applications to the cloud, adversaries are shifting their tactics accordingly. And within the cloud, it’s clear that cybercriminals are setting their sights on software applications: In fact, industry data shows 8 out of the top 10 breaches in 2023 were related to applications.

CrowdStrike researchers have identified a HijackLoader (aka IDAT Loader) sample that employs sophisticated evasion techniques to enhance the complexity of the threat. HijackLoader, an increasingly popular tool among adversaries for deploying additional payloads and tooling, continues to evolve as its developers experiment and enhance its capabilities.

As Microsoft Azure continues to gain market share in the cloud infrastructure space, it has garnered attention from adversaries ranging from hacktivist and eCrime threat actors to nation-state adversaries. Recent attacks on Microsoft by cloud-focused threat actors like COZY BEAR are becoming more frequent and garnering huge attention.

Cybercriminals work around the clock to discover new tactics to breach systems. Each time a digital ecosystem changes, it can introduce a weakness for a threat actor to quickly discover and exploit. As technological innovation progresses rapidly, and organizations expand their infrastructure, this weakness may take shape in the form of architecture drift. Today, we explore the concept of architecture drift: what it is, why it matters and how application security posture management (ASPM) can help.

Today’s cybersecurity landscape poses one of the most significant risks to data. This holds true for organizations of all sizes, across all industries, tasked with protecting their most essential data amid an increasingly regulated environment and faster, more innovative adversaries. Recent years have introduced a steady drumbeat of new data privacy regulations. There are now 14 U.S. states that have passed privacy laws.