Introducing the Cognitive Attack Loop and the 3 Phases of Cybercriminal Behavior

We have a fundamental saying at Carbon Black: “Cybersecurity is all about the data.” I love this saying. In understanding the data, we can better understand behaviors. And, in better understanding behaviors, we can better understand attackers. Much like a detective in the physical world pieces...

CB TAU Technical Analysis: DLTMiner Campaign Targeting Corporations in Asia

A CB customer recently provided a series of commands that they had observed for analysis. The customer felt that the associated attacker activity may have been attempting to tamper with the Carbon Black product. It turned out they were not, but the attackers were specifically looking for the...

Through the Years: an Inside Look at Carbon Black Technology

An early Carbon Black customer and Red Canary detection engineer provides perspective on Carbon Black’s technology evolutions. This post was originally published by our partner Red Canary on May 30, 2019. Back in 2013, I was one of the first security professionals to deploy Carbon Black. This was...

Where Will Ransomware Go In The Second Half Of 2019?

Ransomware has been an evolutionary malware family that continues to shift and change over the years. From the first fakeAV, to police ransomware, to the now oft-used crypto-ransomware, this threat just will not go away. Based on the latest trends, we predict this threat will grow in the second...

SUSE SLED15 / SLES15 Security Update : evolution (SUSE-SU-2019:1266-2)

This update for evolution fixes the following issues : Security issue fixed : CVE-2018-15587: Fixed an issue with spoofed pgp signatures by using specially crafted emails bsc1125230. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

SUSE-SU-2019:1266-2 Security update for evolution

This update for evolution fixes the following issues: Security issue fixed: - CVE-2018-15587: Fixed an issue with spoofed pgp signatures by using specially crafted emails bsc1125230...

Happy Birthday TaoSecurity.com

Nineteen years ago this week I registered the domain taosecurity.com: Creation Date: 2000-07-04T02:20:16Z This was 2 1/2 years before I started blogging, so I don't have much information from that era. I did create the first taosecurity.com Web site shortly thereafter. I first started hosting it ...

openSUSE Security Update : evolution (openSUSE-2019-1528)

This update for evolution fixes the following issue : Security issue fixed : - CVE-2018-15587: Fixed OpenPGP signatures spoofing via specially crafted email that contains a valid signature bsc1125230. This update was imported from the SUSE:SLE-12-SP3:Update update project. %NASLMINLEVEL 70300 C...

Debian DSA-4457-1 : evolution - security update

Hanno Bock discovered that Evolution was vulnerable to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted HTML email. This issue was mitigated by moving the security bar with encryption and signature information above the message headers. C Tenable Network Security,...

Debian: Security Advisory (DSA-4457-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for evolution (openSUSE-SU-2019:1528-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] [DSA 4457-1] evolution security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4457-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 07, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4457-1] evolution security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4457-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 07, 2019 https://www.debian.org/security/faq -...

Security update for evolution (moderate)

openSUSE Security Update: Security update for evolution Announcement ID: openSUSE-SU-2019:1528-1 Rating: moderate References: 1125230 Cross-References: CVE-2018-15587 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for...

DSA-4457-1 evolution - security update

Bulletin has no description...

Newly-Identified BEC Cybergang Targets U.S. Enterprise Victims

LONDON, U.K. – Researchers have identified a highly-sophisticated Nigerian business email compromise gang targeting U.S enterprises and government institutions. The cybercrime group, dubbed Scattered Canary, has evolved over the past 10 years from a one-man shop working Craigslist scams into a...

SUSE SLED12 Security Update : evolution (SUSE-SU-2019:1391-1)

This update for evolution fixes the following issue : Security issue fixed : CVE-2018-15587: Fixed OpenPGP signatures spoofing via specially crafted email that contains a valid signature bsc1125230. Note that Tenable Network Security has extracted the preceding description block directly from the...

SUSE-SU-2019:1391-1 Security update for evolution

This update for evolution fixes the following issue: Security issue fixed: - CVE-2018-15587: Fixed OpenPGP signatures spoofing via specially crafted email that contains a valid signature bsc1125230...

Ubuntu 16.04 LTS / 18.04 LTS : Evolution Data Server vulnerability (USN-3998-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3998-1 advisory. Marcus Brinkmann discovered that Evolution Data Server did not correctly interpret the output from GPG when decrypting encrypted messages. Under certa...

Ubuntu: Security Advisory (USN-3998-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...