Attackers Use AI to Automate EDR Evasion Testing
Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender.
27 Enterprises Integrate Claude's Compliance APIMore than two dozen enterprise security vendors, including Microsoft, CrowdStrike and Palo Alto Networks, have built integrations with Anthropic's Claude Compliance API, an interface the company launched months ago to give corporate security teams access to Claude activity data.
Once CrowdStrike's nemesis, Microsoft is now a collaborator. A shared interest in Formula 1 helped thaw the years-long fierce rivalry.
Windows 11 Revamp Means No Kernel Access Required for Third-Party Security ToolsNearly one year after a faulty CrowdStrike software update disrupted 8.5 million Windows hosts, causing global IT chaos, Microsoft is previewing multiple resilience changes to Windows, including enabling third-party endpoint security tools to do their magic without needing kernel-level access.
Microsoft and CrowdStrike announced an effort to deconflict the overlapping names of threat groups and reduce confusion for companies, but we've been here before.
Microsoft, CrowdStrike, and pals promise clarity on cybercrew naming, deliver alias salad instead Opinion Microsoft and CrowdStrike made a lot of noise on Monday about teaming up with other threat-intel outfits to "bring clarity to threat-actor naming."…
Microsoft and CrowdStrike have announced that they are teaming up to align their individual threat actor taxonomies by publishing a new joint threat actor mapping
Microsoft and CrowdStrike announced today that they've partnered to connect the aliases used for specific threat groups without actually using a single naming standard. [...]
Georgia Court Allows Claims of Fraud, Trespass Over Falcon Software UpdateDelta can proceed with its lawsuit against CrowdStrike over a July 2024 update that allegedly bypassed Microsoft safeguards and crashed thousands of systems. The judge found that Delta sufficiently alleged fraud, computer trespass and gross negligence, allowing key claims to move forward.
CEO: Neural net tech 'flattens our hiring curve, helps us innovate' CrowdStrike – the Texas antivirus slinger famous for crashing millions of Windows machines last year – plans to cut five percent of its staff, or about 500 workers, in pursuit of "greater efficiencies," according to CEO and co-founder George Kurtz.…
EVP Muhi Majzoub Outlines Integration of TDR, Generative AI Across Core PlatformsOpenText is embedding threat detection, identity protection and generative AI across its cloud and on premise platforms. EVP Muhi Majzoub says the threat detection and response system will integrate with Microsoft Defender, CrowdStrike and others to identify anomalies and stop attacks in real time.
Hackers Use Stolen Certificates to Bypass Endpoint Detection and ResponseA Russian-speaking ransomware group has been deploying a malicious Windows PE driver that imitates a legitimate CrowdStrike Falcon driver to bypass endpoint security, warn researchers. The driver disables endpoint detection and response software by stripping process protections.
Vendors Consolidate Endpoint, Managed Offerings to Combat Major Industry PlayersRising competition from CrowdStrike and Microsoft is driving MDR and EDR providers to consolidate. Companies such as Sophos and Arctic Wolf are acquiring endpoint or managing security technology to enhance detection and response capabilities, signaling a shift toward full-stack security solutions.
Sluggish Sales Growth and Lower Relevance in Endpoint Could Make Trend AttractiveEndpoint security vendors are changing up their ownership or business models as Microsoft and CrowdStrike increasingly blot out the sun in this rapidly consolidating market. Reuters said that Advent International, Bain Capital, EQT AB and KKR have expressed interest in taking Trend Micro private.
Did we say CrowdStrike? We meant, er, The July Incident... IGNITE The sound of cyber security professionals spraying their screens with coffee could be heard this week as Microsoft claimed, "security is our top priority," as it talked up its Secure Future Initiative (SFI) once again and explained how Windows could be secured.…
Microsoft has announced a new Windows Resiliency Initiative as a way to improve security and reliability, as well as ensure that system integrity is not compromised
Also: CrowdStrike Grilled by Congress; Coalition Against Spyware Abuse Is GrowingIn the latest weekly update, ISMG editors discussed Microsoft's major cybersecurity overhaul in the wake of some high-profile breaches, the latest developments from CrowdStrike's global outage hearing and the expanding U.S.-led coalition against spyware abuse in the EU.
Adam Meyers, CrowdStrike VP for counter-adversary operations, appeared before a US congressional committee to answer questions about its July faulty software update
Argues worse could happen if it loses kernel access CrowdStrike is "deeply sorry" for the "perfect storm of issues" that saw its faulty software update crash millions of Windows machines, leading to the grounding of thousands of planes, passengers stranded at airports, the cancellation of surgeries, and disruption to emergency services hotlines among many more inconveniences.…
Also: Mastercard's Big Acquisition and US Election Security EffortsIn the latest weekly update, ISMG editors discussed the fallout from the CrowdStrike global IT outage on endpoint security tools, Mastercard's monumental acquisition of Recorded Future to bolster its cybersecurity portfolio, and the latest efforts by U.S. officials to secure the 2024 election.