Adversaries love (ab)using security software – why wouldn’t they? Security software as a target Security tooling is widely deployed, typically controllable remotely, and usually runs with elevated privs. This makes attackers greedy for credentials to security back-ends, and we can exploit that greed! In this post we introduce our latest Canarytoken: the CrowdStrike API Key Adversaries are always on the lookout for credentials, and by placing decoy keys in their path it’s possible to detect them early. They love API …
Thinkst Thoughts