Toshiba TE-H-1080-CB-* Solid State Starter Detection

Binary data 758014.prm...

Toshiba TE-H-248-CB-* Solid State Starter Detection

Binary data 758006.prm...

Toshiba TE-H-156-CB-* Solid State Starter Detection

Binary data 758004.prm...

Toshiba TE-H-400-CB-* Solid State Starter Detection

Binary data 758008.prm...

Toshiba TE-H-55-CB-* Solid State Starter Detection

Binary data 758000.prm...

Toshiba TE-H-125-CB-* Solid State Starter Detection

Binary data 758003.prm...

Siemens CB 1241 RS485 Communications Adapter Detection

Binary data 750150.prm...

Toshiba TE-H-600-CB-* Solid State Starter Detection

Binary data 758010.prm...

Toshiba TE-H-68-CB-* Solid State Starter Detection

Binary data 758001.prm...

Toshiba TE-H-21-CB-* Solid State Starter Detection

Binary data 757996.prm...

Siemens SIPLUS CB 1241 RS 485 Communications Adapter Detection

Binary data 750139.prm...

CB Customer Spotlight: Q&A with Netflix DVD’s Jimmy Sanders

Recently we sat down with Jimmy Sanders, VP of Information Security at Netflix DVD, to talk about his upcoming presentation for CB Connect, Carbon Black’s customer conference. Sanders was one of the headliners at CB Connect 2018, and this year he will be speaking to his peers in the Security...

Partner Perspectives: Accelerated Alert Handling from Syncurity and Carbon Black

JP Bourget is the Founder and CSO of Syncurity. One of the key Security Orchestration, Automation and Response SOAR use cases I see every day is alert handling. As more and more organizations adopt EDR solutions, like those offered by Carbon Black, Syncurity IR-Flow is able to speed up the alert...

CB TAU Threat Intelligence Notification: Email VBS Downloader Connects to C2 Server, Downloads Trickbot Payload

Carbon Black recently learned a customer had received a malicious email attached with a zip file which contained a malicious VBS script file. This malicious VBS downloader will connect to a Command & Control server and then download a malicious payload which contains Trickbot onto the victim’s...

CB TAU Threat Intelligence Notification: GandCrab 5.2 Ransomware Attempts to Delete Volume Shadow Copies

GandCrab 5.2 ransomware will append seven randomly generated strings as the file extension to each encrypted file and drop a ransom note named as ‘generated file extension-MANUAL.txt’, for example, “office.doc.uahmthl” and “UAHMTHL-MANUAL.txt”. It will also change the desktop background of the...

CB TAU Threat Intelligence Notification: CryptoMix Clop Ransomware Disables Startup Repair, Removes & Edits Shadow Volume Copies

Summary A wew variant of CryptoMix Clop ransomware has been distributed as a binary that is digitally signed and verified which makes it look like a legitimate executable. In addition, CryptoMix Clop ransomware will append ‘.clop’ or ‘.ciop’ as a file extension to the encrypted file and drop a...

Register for #CBConnect19 in San Diego Using Code SOCIAL50 to Receive 50% Off

In two months, hundreds of security professionals will gather in San Diego for two days of discussion around the future of endpoint security at CB Connect 2019. The event will take place at Hotel Del Coronado June 4-5 with sweeping views of Coronado beach where attendees will hear from robust...

Partner Perspectives: ThreatConnect and Carbon Black: Incorporating Threat Intel for Quicker Incident Response

Megan Horner is the Director of Product Marketing for ThreatConnect. When it comes to incident response, there’s typically a focus on three main stages: investigation, containment, and remediation. Moving from one stage to the next as efficiently as possible is critical to expediting response...

Cybersecurity Teardown: Using Hash Values

Welcome to the final installment of Hash Values in our greater Cybersecurity Teardown series. In today's post, we'll cover the 'How' of hash values - which includes: Traiging alerts for deeper research Investigating an issue for malicious activity Reassembling our previous examples within a CB...

CVE-2018-19524

CVE-2018-19524 describes an unauthenticated stack overflow in Skyworth GPON HomeGateways/ONTs (DT741, DT721-cb, DT741-cb variants) caused by a long password in the Web_passwd function. The flaw allows remote attackers to trigger a denial of service (segmentation fault) or potentially achieve remo...