CVE-2019-10600
Use of a local variable as an argument to a netlink CB callback that goes out of its scope when the callback is triggered leads to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon...
PT-2020-6467
Name of the Vulnerable Software and Affected Versions: QEMU version 4.1.0. Description: The issue is related to a heap-based buffer over-read in the iscsi_aio_ioctl_cb function in the block/iscsi.c file. This may disclose unrelated information from process memory to an attacker. The vulnerability is...
Taking Reputation to Scale: An Iterative Journey with an Agile Approach (Part 2)
In Part 1 of this blog, we shared with you the challenges we had in balancing latency, scalability, and cost for our reputation services. In this blog, we’ll give you some insights into each major iteration along that journey, from the beginning to where we are now. 100 requests per second. Befor...
Taking Reputation to Scale: The Delicate Balance of Latency, Scale, and Cost (Part 1)
When it comes to serving reputation, even a millisecond of latency could create havoc, resulting in the unwanted spread of malware and causing costly consequences that no security company or customer wants. And that’s why we, as engineers here at Carbon Black, are constantly working towards...
Introducing Integrated Threat Intelligence from ThreatConnect on the PSC
To effectively defend against attacks, analysts must leverage details from multiple tools to gain an understanding of the actions they need to take to protect their environment. By integrating context from different tools and intelligence feeds into the alerts security teams receive, they have...
CB TAU Threat Intelligence Notification: GermanWiper Ransomware
GermanWiper Ransomware was found being distributed via a spam email campaign in Germany. It’s data-wiping malware, and the ransom note was written in German. The malware pretends to be ransomware but is actually a wiper that destroys the data instead of encrypting it. Figure 1: Screenshot of th...
CB TAU Threat Intelligence Notification – Karagany Malware
Secureworks recently reported on an update of the Karagany malware last month. The malware is used by the IRON LIBERTY threat group, also known as DragonFly2.0 and Energetic Bear, targeting energy companies and organizations. Carbon Black Threat Analysis Unit (TAU) provides the product rules ...
DEBIAN-CVE-2019-14468
GnuCOBOL 2.2 has a buffer overflow in cb_push_op in cobc/field.c via crafted COBOL source code...
Flexible and Controlled Openness: Carbon Black’s API Approach
At Carbon Black, we believe that making our customers successful requires both an open platform and the control they need to build endpoint protection into the ideal security processes they’ve designed for their specific organization. From maintaining relationships with our 100+ integration...
Lessons Learned from the Incident Response Trenches: Investigating and Eradicating Kwampirs
Kroll has deployed CB Response during hundreds of cyber investigations because it can provide insights throughout each stage of the incident response (IR) process (see graphic). One of Kroll’s recent investigations, which involved the Kwampirs malware, illustrates how CB Response helps uncover critic...
cb-cams.com Cross Site Scripting vulnerability
Security Researcher rcdxmlt (helped patch 64 vulnerabilities, received 3 Coordinated Disclosure badges), a holder of 3 badges for responsible and coordinated disclosure, found a security vulnerability affecting cb-cams.com website and its users. Following coordinated and responsible vulnerability...
Boosting Your Linux & Docker Security with CB LiveOps
Today we’re excited to announce Linux support for CB LiveOps, Carbon Black’s real-time endpoint query & remediation solution that helps security teams audit and change the state of their systems. This release expands the product’s footprint to cover all major operating systems, including Amazon...
The 5 Conversations I want to have at CB Connect 2019
In a few weeks, I’ll be attending CB Connect in my hometown of San Diego, CA. If you’ve read my earlier blogs, you know I’m passionate about this event because it brings together some of the best and brightest in the security space to network and collaborate on solving some of our industry’s...
Evolving Threat Hunting with the MITRE ATT&CK Framework at CB Connect
Evolving Threat Hunting with the MITRE ATT&CK Framework – Join me at CB Connect San Diego! There are a number of techniques you can use to uncover security gaps leveraging the MITRE ATT&CK matrix. At CB Connect San Diego, our annual user conference June 4-5th, I will be speaking on “How to Evolve Yo...
Toshiba TE-H-55-CB-* Solid State Starter Detection
Binary data 758000.prm...
Toshiba TE-H-21-CB-* Solid State Starter Detection
Binary data 757996.prm...
Toshiba TE-H-40-CB-* Solid State Starter Detection
Binary data 757998.prm...
Toshiba TE-H-125-CB-* Solid State Starter Detection
Binary data 758003.prm...
Toshiba TE-H-248-CB-* Solid State Starter Detection
Binary data 758006.prm...
Toshiba TE-H-45-CB-* Solid State Starter Detection
Binary data 757999.prm...