crowdstrike

CrowdStrike and Microsoft Are Sharing Data Now. Yes, Really.

John Z Black Apr 5, 2026

Security Operations & Resilience #crowdstrike #microsoft #defender #siem #partnership #falcon

CrowdStrike's Falcon SIEM can now ingest Microsoft Defender telemetry, and Formula 1 is somehow responsible.

Europol Took Down Tycoon2FA. It Was Back in Days, and Smarter Than Before.

John Z Black Mar 31, 2026

Ransomware & Cybercrime #phishing #tycoon2fa #phishing-as-a-service #microsoft-365 #entra-id #conditional-access #mfa #aitm #europol #crowdstrike

Tycoon2FA's rapid return after Europol's March 4 takedown shows why seizing infrastructure doesn't shut down phishing platforms. The operators pre-staged backup infrastructure before the first domain was seized.

Every Major Security Vendor at RSAC Has an AI Agent Now. Here Is What Is Actually Real.

John Z Black Mar 30, 2026

AI Security #rsac-2026 #agentic-soc #ai-security #crowdstrike #wiz #proofpoint #arctic-wolf #greynoise #vendors

CrowdStrike, Wiz, Proofpoint, Arctic Wolf, and GreyNoise all launched agentic AI products at RSAC 2026 -- here's an honest scorecard of what's shipping versus what's still a roadmap.

Tycoon2FA Is Back. It Never Really Left.

John Z Black Mar 24, 2026

Ransomware & Cybercrime #tycoon2fa #phishing-as-a-service #phaas #mfa-bypass #europol #crowdstrike

Europol disrupted Tycoon2FA on March 4. Recovery started the same day. No arrests. By March 23 it was fully operational again. Here's why infrastructure-only takedowns keep failing.

RSAC 2026 Day One: Every Vendor Went Agentic, the Government Went Missing

John Z Black Mar 24, 2026

Policy, Law & Governance #rsac-2026 #ai-security #agentic-ai #cisa #government-cybersecurity #google-cloud #microsoft #crowdstrike #wiz

RSAC 2026 opened with a wave of autonomous AI security launches from Google, Microsoft, CrowdStrike, and Wiz. Reportedly absent from the program: CISA, the FBI, and the NSA.