Once threat actors gain a foothold on a system, they must implement techniques to maintain that access, even in the event of restarts, updates in credentials or any other type of change that might disrupt access. These techniques are collectively known as persistence techniques. In this blog post, we will focus on how malware can achieve persistence by abusing the Windows Registry.
Deep learning is a core part of CrowdStrike’s arsenal of machine learning (ML) techniques, and we are constantly innovating in this area to boost the performance of our ML models. However, ML can consume large amounts of computing resources. To minimize the computing load and its associated costs, we strive to optimize performance and resource utilization for our models as well as address any safety issues related to the use of third-party tools.
CloudCasa by Catalogic and Ondat have joined forces to offer customers a combined solution stack to run and manage stateful applications on Kubernetes and provide best-of-breed performance, availability, data protection and recovery. In this episode of TFiR: Let’s Talk, Swapnil Bhartiya sits down with the executives of both companies, CloudCasa COO Sathya Sankaran and Ondat CEO Richard Olver, to talk about their partnership.
President Joe Biden took the next step in the nation's ongoing effort to combat cyber threats by issuing the National Cybersecurity Strategy on March 2, which focuses on growing the public-private sector security partnership needed to protect critical infrastructure, dismantle threat groups, and increase resiliency.
IBM have just released their coveted X-Force Threat Intelligence Index 2023 report, tracking new, existing and evolving threat insights, discovered over the last year. This in-depth, 58-page report explores threat actor’s exploitation of the after-effects of a global pandemic, and the turmoil caused by conflict between Russia and Ukraine, as IBM states “creating exactly the kind of chaos in which cybercriminals thrive. And thrive they did.”.
Recent high-profile software supply chain breaches have sharpened the focus on application security. But as cybersecurity professionals know all too well, concern doesn’t always equate to action. In theory, the rise of DevSecOps best practices that shift responsibility for application security further left should reduce the number of vulnerabilities that now routinely make it into production applications. However, real life is a little messier.
Staying ahead of the cyberattack curve in a constantly evolving world requires a comprehensive strategy. Today's release of the Biden-Harris Administration's National Cybersecurity Strategy provides an extensive roadmap for impacting both public and private security efforts. In this blog post, we’ll take an in-depth look at three of the most software-related strategic objectives: software liability, open-source software usage, and cybersecurity workforce readiness.
Willie Sutton, the criminal who became legendary for stealing from banks during a forty year career, was once asked, "Why do you keep robbing banks?" His answer? "Because that's where the money is." However, today there's a better target for robbers today than banks, which are typically well-defended against theft... Cryptocurrency wallets.
We recently launched the LimaCharlie Query console which makes the underlying LimaCharlie Query Language (LCQL) more accessible. Users can now easily operationalize the full year of telemetry retained by LimaCharlie, reducing or eliminating the need to send telemetry into 3rd party SIEM-like tools such as Splunk and ELK. It is an exciting new set of capabilities that opens a whole new world of possibilities.
