Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries

A host of federal government policy failures contributed to the rippling damage of the SolarWinds hack, leaders of cyber firms told a Senate panel on Tuesday, with even lawmakers saying Congress must do more to prevent a repeat. More than two months after the hack became public, the wide-ranging Senate Select Committee on Intelligence hearing demonstrated that the U.S. government, the private sector and digital incident responders still are wrestling with the ramifications of a suspected Russian espionage campaign that leveraged the federal contractor SolarWinds. A number of big questions remain: SolarWinds still hasn’t determined how the hackers originally got into its systems, nobody has fully settled debates on whether the incident amounts to espionage, or something worse, and suspicions abound that more victims remain unrevealed. “It has become clear that there is much more to learn about this incident, its causes, its scope and scale, and where we […]

The post Senate hearing on SolarWinds hack lays bare US shortcomings, remaining mysteries appeared first on CyberScoop.

Adversaries exploit supply chains, double down on COVID-19 and ransomware

Supply chain attacks, ransomware, data extortion and nation-state threats prove to be more prolific than ever, a CrowdStrike report suggests. eCrime attacks made up 79% of all intrusions (via hands-on-keyboard activity). Among a popular vector for cybe…

Logging startups are suddenly hot as CrowdStrike nabs Humio for $400M

A couple of weeks ago SentinelOne announced it was acquiring high-speed logging platform Scalyr for $155 million. Just this morning CrowdStrike struck next, announcing it was buying unlimited logging tool Humio for $400 million. In Humio, CrowdStrike gets a company that will provide it with the ability to collect unlimited logging information. Most companies have […]

Google’s BeyondCorp Enterprise security platform is now generally available

Google today announced that BeyondCorp Enterprise, the zero trust security platform modeled after how Google itself keeps its network safe without relying on a VPN, is now generally available. BeyondCorp Enterprise builds out Google’s existing BeyondCorp Remote Access offering with additional enterprise features. Google describes it as “a zero trust solution that enables secure access with […]

SolarWinds: What Hit Us Could Hit Others

New research into the malware that set the stage for the megabreach at IT vendor SolarWinds shows the perpetrators spent months inside the company’s software development labs honing their attack before inserting malicious code into updates that SolarWinds then shipped to thousands of customers. More worrisome, the research suggests the insidious methods used by the intruders to subvert the company’s software development pipeline could be repurposed against many other major software providers.

SolarWinds hack investigation reveals new Sunspot malware

CrowdStrike researchers have documented Sunspot, a piece of malware used by the SolarWinds attackers to insert the Sunburst malware into the company’s Orion software. SolarWinds has also revealed a new timeline for the incident and the discovery …

SolarWinds details stealthy code used to launch hacking campaign

SolarWinds, the federal contractor at the center of a sweeping suspected Russian hacking campaign, on Monday identified malicious code the company says attackers used to manipulate its software and remain undetected for months. The code was designed to inject another piece of custom malicious software into Orion, the SolarWinds software used by numerous Fortune 500 companies and federal agencies, “without arousing the suspicion of our software development and build teams,” Sudhakar Ramakrishna, the new CEO of SolarWinds, wrote in a blog post. The discovery adds to the public understanding of one of the most complex digital espionage operations in recent memory. The attackers have used not only SolarWinds’ software, but other digital entry points in carrying out the hack, which has affected major firms including Microsoft and FireEye, as well as multiple federal agencies. Security firm CrowdStrike, which helped find the new malicious code, said the code monitors software processes […]

The post SolarWinds details stealthy code used to launch hacking campaign appeared first on CyberScoop.

Microsoft alerts CrowdStrike of hackers’ attempted break-in

During the course of investigating the SolarWinds breach, CrowdStrike says Microsoft uncovered an attempt from unidentified hackers to read emails linked with the company. The hackers failed in their attempt to breach CrowdStrike, Chief Technology Officer Michael Sentonas said in a blog post Wednesday. Microsoft researchers first found the attempt, Sentonas said. Microsoft told CrowdStrike that “several months ago,” the Microsoft Azure account of a Microsoft reseller was making “abnormal calls” to Microsoft cloud application programming interfaces (APIs). The account managed Microsoft Office licenses for CrowdStrike. The attackers tried to access emails, but, “as part of our secure IT architecture, CrowdStrike does not use Office 365 email,” Sentonas said. “We have conducted an extensive review of our production and internal environments and found no impact,” Sentonas said. “CrowdStrike conducted a thorough review into not only our Azure environment, but all of our infrastructure for the indicators shared by Microsoft.” It […]

The post Microsoft alerts CrowdStrike of hackers’ attempted break-in appeared first on CyberScoop.
