Hunting the Rogue Insiders Operating for FAMOUS CHOLLIMA

Update: 2024-08-21

Description

FAMOUS CHOLLIMA, a new adversary CrowdStrike is tracking, has recently made headlines for its insider threat activity. In April 2024, CrowdStrike Services responded to the first of several incidents in which FAMOUS CHOLLIMA threat actors targeted 30+ US-based companies. The insiders claimed to be US residents and were hired for remote IT positions, which granted them access they exploited to attempt data exfiltration, install malware and conduct other malicious activity. CrowdStrike has now informed more than 100 companies they have hired these threat actors as employees.

In this episode, Adam and Cristian dig into the details of who FAMOUS CHOLLIMA is, how this attack was uncovered and why malicious insider threats are on the rise. They also examine the key findings of the CrowdStrike 2024 Threat Hunting Report, including the growth of cross-domain activity, adversary adoption of remote monitoring and management tools, and the concerning pattern of identity-focused attacks.

Download the CrowdStrike 2024 Threat Hunting Report today: https://www.crowdstrike.com/resources/reports/threat-hunting-report/

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

The Latest in China-Taiwan Cyber Tensions

2024-10-2433:30

How CrowdStrike Tracked INDRIK SPIDER from Origin to Takedown

2024-10-1053:35

Small But Mighty: The Kernel’s Essential Role in Cybersecurity Defense

2024-10-0135:24

Coming Soon to Las Vegas: Adversary Universe Previews #FalCon2024

2024-09-1214:12

Intern Spotlight: Starting A Cyber Career with CrowdStrike

2024-08-2936:57

Hunting the Rogue Insiders Operating for FAMOUS CHOLLIMA

2024-08-2131:17

Talking OT Security with Fernando Madureira, Global CISO of Cosan

2024-07-1120:54

How Adversaries Respond to Law Enforcement Takedowns

2024-06-2743:21

When the Adversary Knows They’re Caught

2024-06-1334:52

Unpacking China-India Cyber Tensions

2024-05-3036:32

Understanding Social Engineering with Shelly Giesbrecht, Director, Professional Services

2024-05-2342:47

Hacktivism and the JACKALs Behind It

2024-05-0937:19

Building a Strong Threat Hunting Program with Andrew Munchbach

2024-04-2536:24

Adversary Attribution: What It Means and How It Works

2024-04-1149:45

LIVE from Gov Threat Summit: A Chat with Morgan Adamski, Chief of the NSA’s Cybersecurity Collaboration Center

2024-03-2825:52

CrowdStrike CSO Shawn Henry on Election Security, Nation-State Threats and His FBI Career

2024-03-1444:27

A Human at the Keyboard: CrowdStrike Reports 60% Jump in Interactive Intrusions

2024-02-2212:16

The Dark Personality Traits Fueling Cybercrime

2024-02-1545:06

Demystifying North Korea: Why the "Hermit Kingdom" Is a Cyber Threat to Watch

2024-02-0139:22

AI Through the Defender’s Lens: A Chat with CrowdStrike’s Global CTO

2024-01-1841:36

00:00

Hunting the Rogue Insiders Operating for FAMOUS CHOLLIMA

#box-pro-ellipsis-173082345159789{-webkit-line-clamp:2;}Hunting the Rogue Insiders Operating for FAMOUS CHOLLIMA

Hunting the Rogue Insiders Operating for FAMOUS CHOLLIMA

CrowdStrike

Hunting the Rogue Insiders Operating for FAMOUS CHOLLIMA