CrowdStrike catches insider feeding information to hackers
American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with unnamed threat actors. [...]
CrowdStrike is a cybersecurity platform whose endpoint protection, incident response, and vulnerabilities can affect organizational systems and data.
Search across headline titles and summaries.
Background for this topic.
CrowdStrike provides a cloud-native endpoint detection and response platform that monitors devices for malicious activity using behavioral analytics and threat intelligence. Its architecture relies on lightweight agents that continuously collect and analyze endpoint data in real time, enabling rapid identification of malware, fileless attacks, and advanced persistent threats. The platform’s cloud-based design allows centralized visibility and automated threat hunting across distributed environments.
Security practitioners should note that CrowdStrike’s reliance on cloud connectivity introduces potential risks if agent communication channels are disrupted or compromised. Additionally, the platform’s extensive telemetry collection raises privacy considerations and requires careful access controls. Effective deployment involves tuning detection rules to reduce false positives while ensuring timely alerts for sophisticated intrusions, making it a critical tool for proactive endpoint defense and incident investigation workflows.
Weekly headline count for the current query.
American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with unnamed threat actors. [...]
The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early August, according to cybersecurity company CrowdStrike. [...]
Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated worm-style campaign dubbed 'Shai-Hulud' started yesterday with the compromise of the @ctrl/tinycolor npm package, and has now expanded to CrowdStrike's npm namespace. [...]
Microsoft and CrowdStrike announced today that they've partnered to connect the aliases used for specific threat groups without actually using a single naming standard. [...]
PowerSchool has published a long-awaited CrowdStrike investigation into its massive December 2024 data breach, which determined that the company was previously hacked over 4 months earlier, in August, and then again in September. [...]
CrowdStrike is warning that a phishing campaign is impersonating the cybersecurity company in fake job offer emails to trick targets into infecting themselves with a Monero cryptocurrency miner (XMRig). [...]
The legal spars between Delta Air Lines and CrowdStrike are heating up, with the cybersecurity firm claiming that Delta's extended IT outage was caused by poor disaster recovery plans and the airline refusing to accept free onsite help in restoring Windows devices. [...]
Cybersecurity company CrowdStrike has been sued by investors who say it provided false claims about its Falcon platform after a bad security update led to a massive global IT outage causing the stock price to tumble almost 38%. [...]
US-based enterprise software company JumpCloud was breached by North Korean Lazarus Group hackers, according to security researchers at SentinelOne and CrowdStrike. [...]
Hackers are impersonating well-known cybersecurity companies, such as CrowdStrike, in callback phishing emails to gain initial access to corporate networks. [...]
A Crowdstrike report looking into access brokers' advertisements since 2019 has identified a preference in academic, government, and technology entities based in the United States. [...]