All posts tagged: CrowdStrike

Generative AI Powers Social Engineering Attacks

Generative AI Powers Social Engineering Attacks

Phishing was no longer as common in 2024 as before, according to CrowdStrike’s 2025 Global Threat Report. Threat actors trend toward accessing legitimate accounts through social engineering techniques like voice phishing (vishing), callback phishing, and help desk social engineering attacks. We’re well within the era of what cybersecurity technology CrowdStrike called “the enterprising adversary,” with malware-as-a-service and criminal ecosystems replacing the old-fashioned image of the lone threat actor. Attackers are also using legitimate remote management and monitoring tools where they might once have chosen malware. Threat actors take advantage of generative AI Threat actors are using generative AI to craft phishing emails and carry out other social engineering attacks. CrowdStrike found threat actors using generative AI to: Create fictitious LinkedIn profiles in hiring schemes such as those carried out by North Korea. Create deepfake video and voice clones to commit fraud. Spread disinformation on social media. Create spam email campaigns. Write code and shell commands. Write exploits. Some threat actors pursued gaining access to the LLMs themselves, particularly models hosted on Amazon Bedrock. Must-read security …

What Went Wrong This Year?

What Went Wrong This Year?

In the fast-paced world of innovation, every breakthrough carries the risk of missteps, miscalculations, or under-delivering promises. The biggest tech story of 2024 — the CrowdStrike outage that affected businesses and consumers nationwide — was also one of the year’s most notable failures. But the CrowdStrike story is more than just a tale of failure — it’s also a testament to resilience and recovery. TechRepublic has compiled the most significant tech flops of the year, exploring how they were addressed — or left unresolved. SEE: These are the hottest cybersecurity news stories of 2024. CrowdStrike bug strands travelers amid mass blue screens of death On the morning of Friday, July 19, the CrowdStrike cloud security platform released a content configuration update for Windows. A bug in the Content Validator used in the update caused a cascade of errors that spread across CrowdStrike’s customers. That customer group included about 8.5 million Windows devices in businesses, airports, and emergency services departments. CrowdStrike fixed the problem on their end 78 minutes after the update. However, affected machines needed …

CrowdStrike Survey Highlights Security Challenges in AI Adoption

CrowdStrike Survey Highlights Security Challenges in AI Adoption

Do the security benefits of generative AI outweigh the harms? Just 39% of security professionals say the rewards outweigh the risks, according to a new report by CrowdStrike. In 2024, CrowdStrike surveyed 1,022 security researchers and practitioners from the U.S., APAC, EMEA, and other regions. The findings revealed that cyber professionals are deeply concerned by the challenges associated with AI. While 64% of respondents have either purchased generative AI tools for work or are researching them, the majority remain cautious: 32% are still exploring the tools, while only 6% are actively using them. What are security researchers seeking from generative AI? According to the report: The highest-ranked motivation for adopting generative AI isn’t addressing a skills shortage or meeting leadership mandates — it’s improving the ability to respond to and defend against cyberattacks. AI for general use isn’t necessarily appealing to cybersecurity professionals. Instead, they want generative AI partnered with security expertise. 40% of respondents said the rewards and risks of generative AI are “comparable.” Meanwhile, 39% said the rewards outweigh the risks, and 26% …

Which Offers Better Cloud Security and Value?

Which Offers Better Cloud Security and Value?

CrowdStrike and Wiz are two security providers operating from vastly different positions. On one hand, CrowdStrike has been in the space since 2011 and has solidified itself as an industry leader in endpoint detection and response solutions. Meanwhile, Wiz is a much younger cybersecurity startup founded in 2020 that aims to make a name for itself in the world of cloud security. In this article, we examine how CrowdStrike and Wiz stack against each other to determine which one is best for you and your organization. Semperis Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Large, Enterprise Features Advanced Attacks Detection, Advanced Automation, Anywhere Recovery, and more ManageEngine Log360 Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Micro (0-49 Employees), Small (50-249 Employees), Medium (250-999 Employees), Large (1,000-4,999 Employees), Enterprise (5,000+ Employees) Micro, Small, Medium, Large, Enterprise Features Activity Monitoring, Blacklisting, Dashboard, and more Graylog Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), …

Cybersecurity News Round-Up 2024: Top 10 Biggest Stories

Cybersecurity News Round-Up 2024: Top 10 Biggest Stories

This year has not been quiet for the cybersecurity field. We have seen record-breaking data breaches, huge ransomware payouts, and illuminating studies about the impact of the increasingly complex and ever-evolving threat landscape. As we approach the new year, TechRepublic revisits the biggest cybersecurity stories of 2024. 1.  Midnight Blizzard’s attack on Microsoft In January, Microsoft disclosed that it had been a victim of a nation-state-backed attack beginning in November 2023. The Russian threat actor group Midnight Blizzard accessed some Microsoft corporate emails and documents through compromised email accounts. Later, Microsoft revealed they had also accessed some source code repositories and internal systems. Midnight Blizzard gained access through a successful password spray attack on a legacy test tenant account without multi-factor authorisation. Password spraying is a brute force attack in which threat actors spam or “spray” commonly used passwords against many different accounts in one organisation or application. From there, they could use that account’s permissions to access a small number of Microsoft corporate email accounts—some of those accounts were for senior leadership team members. …

Top 5 Cyber Security Trends for 2025

Top 5 Cyber Security Trends for 2025

The cyber landscape is more turbulent than ever. Microsoft recently reported a 2.75-fold increase in ransomware attempts this year, while research predicts that global cyber attacks in 2024 will surge 105% compared to 2020. There is a dire need for more qualified cyber professionals as generative AI is lowering the barrier to entry for attacks. Unfortunately, cyber skills gaps have been reported in both the U.K. and Australia, with women making up only a quarter of the industry. But how will we roll into next year? TechRepublic asked cyber experts to predict the top trends impacting the security field in 2025. SEE: Number of Active Ransomware Groups Highest on Record 1. Renewed focus on third-party risk management, including the AI software supply chain This year, headlines were dominated by the CrowdStrike incident, which disabled about 8.5 million Windows devices worldwide and caused huge disruption to emergency services, airports, law enforcement, and other critical organisations. SEE: What is CrowdStrike? Everything You Need to Know However, this is far from the first instance of a supply chain …

Top Vulnerability Management Tools: Reviews & Comparisons 2024

Top Vulnerability Management Tools: Reviews & Comparisons 2024

There are more vulnerabilities around than ever. The Verizon Data Breach Investigations Report highlighted an almost 200% growth in the exploitation of vulnerabilities in 2023. In the first seven months of 2024, new vulnerabilities rose by another 30% compared to the previous year. No wonder vulnerability management tools are becoming a staple of the enterprise cybersecurity arsenal. “Vulnerability management is a core function of cybersecurity,” said Michelle Abraham, research director, Security and Trust at IDC. “Leaving vulnerabilities without action exposes organizations to endless risk since vulnerabilities may leave the news but not the minds of attackers.” 1 Semperis Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Enterprise (5,000+ Employees), Large (1,000-4,999 Employees) Enterprise, Large Features Advanced Attacks Detection, Advanced Automation, Anywhere Recovery, and more 2 ESET PROTECT Advanced Employees per Company Size Micro (0-49), Small (50-249), Medium (250-999), Large (1,000-4,999), Enterprise (5,000+) Any Company Size Any Company Size Features Advanced Threat Defense, Full Disk Encryption , Modern Endpoint Protection, and more 3 NordLayer Employees per Company Size Micro (0-49), …

The Rise in Nation-State Cyber Threats

The Rise in Nation-State Cyber Threats

Today’s threat landscape includes nation-state actors as well as attackers looking to test their skills or turn a profit. AT ISC2 Security Conference in Las Vegas, CISA advisor and former New York Times cybersecurity journalist Nicole Perlroth took the stage to discuss what has changed over the last 10 years of cyber warfare. Her presentation was the capstone of the conference, held Oct. 13-16. Nation-state attackers look for ‘target-rich, cyber-poor’ victims Perlroth presented a timeline of nation-state attacks she covered throughout her journalism career, from 2011 to 2021. Barriers to entry for attackers have worsened since she began her career, with ransomware-as-a-service evolving into “a well-oiled economy.” The CrowdStrike outage showed how much a widespread attack could disrupt operations. While it used to be conventional wisdom that the United States’ geographical location kept it isolated from many threats, “those oceans don’t exist anymore” when it comes to the cyber landscape, Perlroth said. Likewise, the digital “edge” has transformed into the world of the cloud, software as a service, and hybrid workforces. “The new edge is …

AI-Generated Code is Causing Outages and Security Issues in Businesses

Businesses using artificial intelligence to generate code are experiencing downtime and security issues. The team at Sonar, a provider of code quality and security products, has heard first-hand stories of consistent outages at even major financial institutions where the developers responsible for the code blame the AI. Amongst many other imperfections, AI tools are not perfect at generating code. Bilkent University researchers found that the latest versions of ChatGPT, GitHub Copilot, and Amazon CodeWhisperer generated correct code just 65.2%, 46.3%, and 31.1% of the time, respectively. Part of the problem is that AI is notoriously bad at maths because it struggles to understand logic. Plus, programmers are not known for being great at writing prompts because “AI doesn’t do things consistently or work like code,” according to Wharton AI professor Ethan Mollick. SEE: OpenAI Unveils ‘Strawberry’ Model, Optimized for Complex Coding and Math Could ‘insufficient reviews’ be a factor? In late 2023, more than half of organisations said they encountered security issues with poor AI-generated code “sometimes” or “frequently,” as per a survey by Snyk. …

Microsoft Plans to Make Windows More Resilient to CrowdStrike-Like Incidents via New Platform

Microsoft on Thursday announced plans to make Windows more resilient to incidents caused by security firms, such as the global outage caused by CrowdStrike earlier this year that took millions of Windows computers offline for more than a day. At a security summit hosted by the company, the Windows maker said it would assist these security vendors in modifying their solutions to operate outside kernel mode on Windows, which provides an elevated level of access to the system along with more advanced functionality. In a statement issued after its recently concluded Windows Endpoint Security Ecosystem Summit, Microsoft said that it discussed the creation of new platform capabilities on Windows that would enable security vendors to offer more features outside of the Windows kernel, which in turn would improve security on the operating system.  Existing security solutions for Windows involve the use of software that runs at the Windows kernel level, which provides these apps with a greater degree of access to the system compared to regular applications. They can also scan other apps that are …