CrowdStrike Falcon® Stops Modern Identity-Based Attacks in Chrome
A novel technique that reduces the overhead in extracting sensitive data from Chromium browser’s memory was recently found by researchers from CyberArk Labs. Existing access to the targeted system is...

A Deep Dive into Custom Spark Transformers for Machine Learning Pipelines
Modern Spark Pipelines are a powerful way to create machine learning pipelines. Spark Pipelines use off-the-shelf data transformers to reduce boilerplate code and improve readability for specific use...

Improving CrowdStrike Falcon® Detection Content with the Gap Analysis Team
CrowdStrike is always looking for innovative ways to improve detection content for our customers. We believe a multifaceted approach that combines customer input, standardized testing and internal...

The Anatomy of Wiper Malware, Part 1: Common Techniques
This is the first blog post in a four-part series. Read Part 2 | Part 3 | Part 4. This blog post is the first in a four-part series in which CrowdStrike’s Endpoint Protection Content Research Team will...

The Anatomy of Wiper Malware, Part 2: Third-Party Drivers
This is the second blog post in a four-part series. Read Part 1 | Part 3 | Part 4. In Part 1 of this four-part blog series examining wiper malware, we introduced the topic of wipers, reviewed their...

The Anatomy of Wiper Malware, Part 3: Input/Output Controls
This is the third blog post in a four-part series. Read Part 1 | Part 2 | Part 4. In Part 1 of this four-part blog series examining wiper malware, the CrowdStrike Endpoint Protection Content Research...

Playing Hide-and-Seek with Ransomware, Part 1
Intel SGX technology enables developers to isolate and encrypt a portion of code and data in the processor and memory in a trusted execution environment, known as an enclave. As enclaves are...

The Anatomy of Wiper Malware, Part 4: Less Common “Helper” Techniques
This is the fourth blog post in a four-part series. Read Part 1 | Part 2 | Part 3. In Part 3, CrowdStrike’s Endpoint Protection Content Research Team covered the finer points of Input/Output Control...

Playing Hide-and-Seek with Ransomware, Part 2
In Part 1, we explained what Intel SGX enclaves are and how they benefit ransomware authors. In Part 2, we explore a hypothetical step-by-step implementation and outline the limitations of this method....

Spotlight on the Log-Structured Merge (LSM) Tree: One of the Keys Enabling...
In a previous post, our team shared our Three Best Practices for Building a High-Performance Graph Database. That was written two years ago, when CrowdStrike Threat Graph® was processing billions of...