According to the CrowdStrike 2023 Global Threat Report, there was a 95% increase in cloud exploits in 2022, with a three-fold increase in cases involving cloud-conscious threat actors. The cloud is rapidly becoming a major battleground for cyberattacks — and the cost of a breach has never been higher.

The MITRE ATT&CK framework, a key resource for helping organizations defend against cyberattacks, is critical to advancing cybersecurity research. The MITRE Engenuity Center for Threat-Informed Defense’s public library of adversary-specific emulation plans has become a valuable component of the ATT&CK framework. Each plan in the library provides comprehensive ATT&CK tactics and techniques employed by well-known adversaries.

Today’s security practitioners face a daunting challenge: Staying ahead of sophisticated adversaries who have turned their attention to the expansive terrain of cloud environments. CrowdStrike observed a 95% year-over-year increase in cloud exploitation in 2022. This trend demands strategic reevaluation of how organizations protect their cloud environments and workloads, and emphasizes the importance of choosing the right cloud security capabilities.

Since announcing Charlotte AI, we’ve engaged with many customers to show how this transformational technology will unlock greater speed and value for security teams and expand their arsenal in the fight against modern adversaries. Customer reception has been overwhelmingly positive as organizations see how Charlotte AI will make their teams faster, more productive and learn new skills, which is critical to beat the adversaries in the emerging generative AI arms race.

Forrester has named CrowdStrike a Leader in The Forrester Wave™: Managed Detection And Response Services In Europe, Q4 2023, only a few months after naming CrowdStrike a Leader in The Forrester Wave™: Managed Detection and Response, Q2 2023. In Forrester’s MDR report for Europe, CrowdStrike Falcon® Complete received the highest scores in the Current Offering and Strategy categories, as well as the highest possible scores in 13 of 22 criteria.

It’s 10:30 p.m. and you’re heading to bed. Unfortunately, a threat actor has your organization in their crosshairs. While you’re brushing your teeth, they’re crafting a social engineering email to pilfer your employees’ credentials. While you’re putting on your pajamas, they’re finding a path to log in. While you’re asleep, is your organization protected?

CrowdStrike’s cloud security team discovered a new vulnerability (CVE-2023-29082) in Flexera’s FlexNet Inventory Agent. When exploited, an attacker can escape from a container and gain root access to the host. Exploitation of CVE-2023-29082 can allow an attacker to perform a variety of actions on objectives, including execution of malware and exfiltration of data.