<ciso brief/>
Tag Banner

All news with #crowdstrike tag

all tags →

Wed, August 20, 2025

Falcon Stops COOKIE SPIDER's SHAMOS macOS Delivery

#Active Exploitation #Apple #CrowdStrike #Data Exfil via Tools #Exploit Detected #GitHub #Malvertising

🔒 Between June and August 2025, the CrowdStrike Falcon platform blocked a widespread malware campaign that attempted to compromise more than 300 customer environments. The campaign, operated by COOKIE SPIDER and renting the SHAMOS stealer (an AMOS variant), used malvertising and malicious one-line install commands to bypass Gatekeeper and drop a Mach-O executable. Falcon detections—machine learning, IOA behavior rules and threat prevention—prevented SHAMOS at download, execution and exfiltration stages. CrowdStrike published hunting queries, mitigation guidance and IOCs including domains, a spoofed GitHub repo and multiple script and Mach-O hashes.

read more →

Thu, August 14, 2025

Defending Against SCATTERED SPIDER with Falcon SIEM

#Azure Entra ID #Cross-Tenant Access #CrowdStrike #Data Exfil via Tools #Identity Threat Detection #MFA #Okta #PII #Ransomware #SSO

🔒 Falcon Next-Gen SIEM provides real-time, cross-domain detection to help organizations detect and respond to the identity-centric eCrime group SCATTERED SPIDER. The platform correlates identity, cloud, SaaS, network and email telemetry, offering out-of-the-box rule templates for phishing, MFA fatigue, suspicious SSO events and exfiltration. CrowdStrike recommends comprehensive log ingestion and tuning of these templates to improve detection and response across the full attack lifecycle.

read more →

Thu, August 14, 2025

Falcon Next-Gen Identity Security Unifies Protection

#Agentic AI #CrowdStrike #IAM #Identity Posture #Identity Threat Detection #Just-in-Time Access #Least Privilege #PAM #Product Release

🔒 CrowdStrike announced Falcon Next-Gen Identity Security, a unified solution to protect human, non-human, and AI agent identities across on-premises, cloud, and SaaS environments. It consolidates initial access prevention, modern secure privileged access, identity threat detection and response (ITDR), SaaS identity security, and agentic identity protection into a single sensor and management console. Delivered via the AI-native Falcon platform, the offering provides real-time visibility, dynamic access enforcement, and autonomous response to reduce identity-driven breaches and simplify hybrid identity security.

read more →

Tue, August 12, 2025

CrowdStrike Named Leader in GigaOm SSPM Radar 2025

#AI Security #CrowdStrike #Identity Posture #Identity Threat Detection #OAuth Misconfig #Service Accounts #Shadow AI

🔒 CrowdStrike has been named the only Leader and Outperformer in the 2025 GigaOm Radar for SaaS Security Posture Management (SSPM). The recognition highlights the CrowdStrike Falcon platform's unified, AI-native approach—combining Falcon Shield, identity protection and cloud security—to detect and remediate misconfigurations, identity threats, and unauthorized SaaS access. Falcon Shield's extensive integrations, automated policy responses via Falcon Fusion SOAR, and GenAI-focused controls underpin its market-leading posture and support continuous visibility across human and non-human identities.

read more →