Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This month, we’re excited to announce new user experience improvements for search, session management, and mobile, in addition to major improvements to our Migration App. Continue reading to learn about some of the notable capabilities added to the platform in August.

Cyberthreats are one of the most significant challenges facing society today. From illegal political influence to personal data theft, cyberattacks are already posing a huge problem for governments, businesses, and individuals. And as attacks become more sophisticated, it’s getting harder to protect ourselves online. So, what can we expect from the future of cybersecurity? Is it possible to keep up with the speed and complexity of these advancing attacks?

Impacket’s wmiexec.py (“wmiexec”) is a popular tool used by red teams and threat actors alike. The CrowdStrike Services team commonly sees threat actors leveraging wmiexec to move laterally and execute commands on remote systems as wmiexec leverages Windows native protocols to more easily blend in with benign activity.

Today, many organizations have a security awareness program of some kind. Whether it’s annual compliance training or the orientation video warning new employees about phishing, it’s almost a standard now among industries. However, security awareness programs vary in frequency, details, and execution. And it’s that variability which, unfortunately, can become a vulnerability. Employees and users are the first line of defense against a cyberattack.

In the introductory post of this series, we reviewed what an Active Directory (AD) service account is, explained why these privileged accounts are a serious security risk, and promised to detail 4 types of attacks on service accounts in future posts. This post explores the first of those attacks: LDAP reconnaissance, which attackers can use to discover service accounts in an IT environment while avoiding detection.

In the first post of these series we showed how an adversary can discover Active Directory service accounts with PowerShell, and the second post demonstrated how to crack their passwords using the Kerberoasting technique. Now let’s see how an attacker can exploit a compromised service account using Kerberos Silver Tickets to forge TGS tickets.

The increasing popularity of online payment systems results from the world’s gradual transition to a cashless and contactless digital economy — an economy, projected in a recent Huawei white paper, to be worth $23 trillion by 2025.

In recent years there has been a growing trend for cybercriminals to target human resources departments in order to exploit the sensitive data they handle. Hackers can do a lot of damage, and make a lot of money, once they gain access to Social Security information, dates of birth, work history or employee and company bank account numbers.

With the alarming increase in cyberattacks across the globe, it is becoming evident that no organization is immune to cyberthreats. As a result, there is a question pending in the minds of IT security leaders: What happens to their organization in case of a cyberattack?