Lucene search
+L
CarbonblackMost viewed

849 matches found

Carbon Black Blog
Carbon Black Blog
added 2017/07/06 7:17 p.m.99 views

Announcing the July ‘17 Release of Cb Defense

Editor's Note: If you are looking for the May 2017 Cb Defense release content, please scroll to the bottom of this page. This week, we’re happy to announce the rollout of the July ‘17 update of Cb Defense. Following the May ‘17 release, we heard a tremendous amount of positive feedback on the new...

6.5AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/03/05 6:7 p.m.98 views

Partner Perspectives: Endpoint Security Analytics with Sumo Logic and Carbon Black

As the threat landscape continues to expand, having end-to-end visibility across your modern application stack and cloud infrastructures is crucial. Customers cannot afford to have blind spots in their environment; and that includes data being ingested from third-party tools. With the industry...

0.2AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/11/15 6:0 p.m.98 views

Re-designing Linux Security: Do No Harm – Introduction

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the Cb Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...

6.8AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/08/12 12:0 p.m.97 views

Binee: Outsmarting Malware with Next-Generation Process Emulation

The Problem with Malware Analysis Threat researchers get thousands of samples of malware every day and, as every researcher knows, it is very difficult to analyze them in a way that allows for intelligent decisions regarding whether a sample’s reputation is good or bad. There are already some qui...

1.1AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/07/31 1:9 p.m.97 views

CB TAU Threat Intelligence Notification – MegaCortex Ransomware

MegaCortex is a unique form of ransomware that was initially discovered earlier this year. It proved to be a very complex form of malware that required additional steps of operation that were only recoverable during incident responses. Since then, MegaCortex has been updated to become more generi...

7.1AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/07/15 3:36 p.m.97 views

Our Approach to Data Engineering

Our Approach to Data Engineering At Carbon Black, our R&D team is working on the cutting edge of data engineering. We’ve developed our own language and make our data compile down to bytecode to process super-fast. We’re pushing the boundaries of Kubernetes and Kinesis. And we’re having a blast...

0.7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/04/04 4:44 p.m.96 views

CB TAU Threat Intelligence Notification: Email VBS Downloader Connects to C2 Server, Downloads Trickbot Payload

Carbon Black recently learned a customer had received a malicious email attached with a zip file which contained a malicious VBS script file. This malicious VBS downloader will connect to a Command & Control server and then download a malicious payload which contains Trickbot onto the victim’s...

1.6AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/01/10 3:57 p.m.96 views

TAU Threat Intelligence Notification: Israbye Wiper

Summary Israbye is a disk wiper first discovered by a researcher in August 2017, as reported by Bleeping Computer. A newer sample has since been discovered, which appears to timely coincide with a recent news story that references the Al-Aqsa mosque. This mosque is also referenced within the...

1.2AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/11/27 6:0 p.m.96 views

Building Better Evaluation Criteria for Linux Security

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the Cb Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...

7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/10/31 9:8 p.m.96 views

Chinese Threat Actors Indicted For Stealing Aviation Trade Secrets

Hot on the heels of the Carbon Black Quarterly IR Threat Report, specifically calling out increased cybercrime activity from China, the US Department of Justice has indicted ten Chinese Nationals for perpetrating attacks against U.S. and French aviation companies in a stunning display of state...

0.4AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/08/27 4:42 p.m.96 views

Threat Analysis: Recent Attack Technique Leveraging cmd.exe and PowerShell Demonstrates How Attackers Are Using Trusted Microsoft Applications for Malicious Behavior

An attack leveraging cmd.exe and PowerShell was recently investigated by Cb ThreatSight analysts. Our initial investigation discovered that a batch file was executed on the targeted system. This batch file then invoked PowerShell with a base64 encoded command. Decoding the command revealed a seri...

Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/05/20 4:6 p.m.95 views

Five Carbon Black Team Members Honored on CRN’s 2019 Women of the Channel List, One Named to the Power 100 List

We are excited to announce that five of Carbon Black’s talented employees have been named to CRN’s 2019 Women of the Channel list: Christine Bufalini, Senior Marketing Director Melanie Holterhoff, Channel Marketing Manager Toni Pommet, Senior Channel Marketing Manager Ashley Tranfaglia, Senior...

1.9AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/03/05 10:36 p.m.95 views

Carbon Black + VMware at RSA2019: Working Together to Secure the Digital Workspace

VMware and Carbon Black have a strong history of working together to fundamentally change the model for securing the virtualized data center, a concept that is resounding with attendees here at RSA2019 in San Francisco. A little more than a year ago, we announced a jointly developed, integrated...

0.3AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/05/14 9:32 p.m.94 views

New CB LiveOps Release Brings Recommended Queries to Users

Security & IT teams often have no reliable way to check on the current status of their endpoints across their enterprise. This forces these teams to piece together information from multiple management consoles in order to get answers about the health of their entire fleet. Even when they do have...

6.9AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/03/18 5:45 p.m.94 views

Why DevOps is Becoming More Like DevSecOps

Editor's Note: Sam Bocetta, a guest author on the Carbon Black blog, is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography. In the year 2000, a Time magazine essay authored by Steward...

0.2AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/02/12 7:37 p.m.94 views

TAU Threat Intelligence Notification: New macOS Malware Variant of Shlayer (OSX) Discovered

Carbon Black’s Threat Analysis Unit TAU recently discovered a new variant of a family of macOS malware which was first discovered in February of 2018 by researchers from Intego. TAU has obtained new samples of this malware and observed downloads of the malware from multiple sites, primarily...

1.2AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/11/19 3:44 p.m.94 views

6 Signs of Successful Threat Hunting

When a threat hunting program is established by an organization, their goal is to proactively hunt threats, with a focus on newer, more sophisticated attacks for which reliable signatures or indicators are not yet available. Bonus: Check out the "Top 5 Threat Hunting Myths" However, without an...

0.2AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/05/20 3:0 p.m.93 views

Threat Intelligence – What It Is and Why You Need It

Threat intelligence is a broad term. Some might think it refers to having information about what threats are out there. But in the evolved world of cybersecurity, threat intelligence is actually a verb. Cybersecurity threat intelligence is the ability to take closed-source or open-source data fro...

0.5AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/12/31 6:46 p.m.93 views

CB Customer Spotlight: Q&A with Kaas Tailored’s Joe Mrazik

For the past eight years, Joe Mrazik has taken on the role of Network Administrator for Kaas Tailored, protecting the company’s endpoints with CB Defense. Kaas Tailored is an aerospace and furniture manufacturing company that supplies parts to aerospace companies like Boeing. Read on to learn how...

7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/11/30 3:30 p.m.93 views

Why I’m Ecstatic About the MITRE ATT&CK Results

Yesterday, MITRE published the results of its first public evaluation of endpoint detection & response EDR vendors based on its increasingly-popular ATT&CK framework. The ATT&CK evaluations are a new approach to EDR testing - open, sophisticated, rigorous, and reflective of the real world. We...

0.1AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2020/06/04 1:46 a.m.92 views

TAU Threat Analysis: Medusa Locker Ransomware

In recent weeks Carbon Black’s Threat Analysis Unit TAU has seen an increase in the number of infections attributed to the Medusa Locker ransomware family. There were notable traits exhibited by Medusa Locker in these attacks that warranted further investigation to determine behavioral tactics th...

7.8AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2020/03/26 6:41 p.m.92 views

The Dukes of Moscow

Overview APT29, also known as The Dukes or Cozy Bear, is a cyberespionage group active since at least 2008. It’s believed that the group operates either under the Russian Foreign Intelligence Service SVR or the Russian Federal Security Service FSB. They primarily target western governments and...

9.3CVSS6.7AI score0.86979EPSS
Exploits4
Carbon Black Blog
Carbon Black Blog
added 2019/07/31 3:11 p.m.92 views

Introducing the Cognitive Attack Loop and the 3 Phases of Cybercriminal Behavior

We have a fundamental saying at Carbon Black: “Cybersecurity is all about the data.” I love this saying. In understanding the data, we can better understand behaviors. And, in better understanding behaviors, we can better understand attackers. Much like a detective in the physical world pieces...

1.2AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/07/10 4:23 p.m.92 views

CB TAU Threat Intelligence Notification: SEON Ransomware Distributed via Drive-By Attack Campaign

SEON Ransomware ver 0.2 was found being distributed by the GreenFlash Sundown exploit kit via a drive-by-attack campaign. After performing the encryption, SEON will drop and display the following ransom note and append ‘.fixt’ as the extension to the encrypted file. Figure 1: Screenshot of the...

7.2AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/05/24 2:52 p.m.92 views

Why You Should Join Carbon Black at QueryCon 2019

Carbon Black Joining Trail of Bits to Support QueryCon 2019 We are excited to announce that Carbon Black will be joining with Trail of Bits and Kolide to sponsor QueryCon 2019. QueryCon is a conference dedicated to Osquery, an open source tool that allows users to query their devices like a...

0.1AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/10/31 2:42 p.m.92 views

Cybersecurity Awareness Month: Cb Customer Spotlight with Stonewall Kitchen’s William Bocash

Editor's Note: Stonewall Kitchen upgraded to next-gen AV with Cb Defense and Cb Protection. William Bocash an I.T. Manager for Stonewall Kitchen and author of this blog has more than 17 years experience in the information technology industry, and recently attended Cb Connect 2018. To wrap up the...

7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/10/04 2:0 p.m.92 views

Partner Perspectives: Integrate your SIEM, UEBA + EDR Solution with Securonix and Carbon Black

Nitin Agale is the Senior VP of Products for Securonix. Your endpoints are a valuable part of your enterprise structure. They are the computers your employees use and the servers your company depends on. Defending your endpoints is important, but it’s critical that your endpoint defense is just o...

1AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/12/18 6:0 p.m.91 views

Top 5 Threat Hunting Myths: “Threat Hunting Is Too Expensive”

The cybersecurity landscape is in a constant state of change and, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, but when. In today’s world, attackers intentionally look normal to evade automated defenses. With the rise of ransomware, fileless and...

6.8AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/10/13 2:53 p.m.91 views

October 13, 2017 – Morning Cyber Coffee Headlines – “Friday the 13th” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 13, 2017 - Headlines Carbon Black in the News: Equifax’s website may ha...

6.8AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/09/08 2:7 a.m.90 views

Lessons from the Equifax Breach

When we see a car wreck it’s very easy to slow down and gawk. The first thing we think is “Wow, that’s awful,” quickly followed by “Whew… glad that wasn’t me,” and then we drive on. Most of us don’t spend time thinking about how the wreck happened -- we were just glad it wasn’t us. A similar...

6.8AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/07/14 1:49 p.m.90 views

July 14, 2017 – Morning Cyber Coffee Headlines – “Bastille Day” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! July 14, 2017 - Headlines Carbon Black in the News: US Voters Consider Russia t...

6.6AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2020/02/21 2:27 a.m.89 views

Threat Analysis: Active C2 Discovery Using Protocol Emulation Part2 (Winnti 4.0)

Summary The VMware Carbon Black Threat Analysis Unit TAU previously released a blog post documenting the Winnti version 4.0 malware. The new command and control C2 protocol that was implemented in one of the 4.0 samples was completely different from the existing understanding of the 3.0 protocol...

Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/09/30 2:23 p.m.89 views

CB Threat Analysis Unit: Technical Analysis of “Crosswalk”

The technical analysis is related to the TAU-TIN for the same malware which can be located in this post. FireEye recently reported on APT41, a Chinese state sponsored espionage group. The group has been documented as targeting healthcare, high-tech, and telecommunications companies for traditiona...

7.9AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/06/05 2:10 p.m.89 views

Healthcare Cyber Heists in 2019

Healthcare organizations are increasingly being targeted by cyberattacks due to the gold mine of personal data they possess. The potential, real-world effect these attacks can have is substantial. See the WannaCry and NotPetya ransomware attacks of 2017. Click here to download the full report fro...

1.6AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/03/26 5:0 p.m.89 views

Real World Examples Demonstrating the Need for Mature Threat Hunting

A recent article discussed the keys to becoming a level 4 maturity threat hunting program. This article will bring these concepts into the real world by discussing examples of attacks that required that high level of threat hunting maturity to find them and defend against them. The case studies...

7.5AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/01/22 5:35 p.m.89 views

How CB LiveOps Helps with Vulnerability Assessment

Security and IT Operations teams often have no reliable way to assess the current state of endpoints across their enterprise, leading to increased risk of breach, inability to make informed remediation decisions, and unnecessary spending on infrastructure maintenance. A real-time endpoint query a...

0.2AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/07/19 12:4 p.m.89 views

July 19, 2017 – Morning Cyber Coffee Headlines – “Rosetta Stone” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! July 19, 2017 - Headlines Cyberattack on Ukrainian Clinics, Pharmacies Worries...

6.6AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/07/10 4:11 p.m.88 views

CB TAU Threat Intelligence Notification: Buran Ransomware

Recently there was malvertising campaign which would redirect users to RIG exploit kit and then infecting victim’s computer with a new ransomware named as Buran Ransomware. It will drop a ransom note named ‘!!! YOUR FILES ARE ENCRYPTED !!!.txt’ and append victim’s personal ID as extensions to the...

6.9AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/12/21 2:3 p.m.88 views

Cybersecurity Skills Gap: “There’s No Silver Bullet to Solving the Problem” & Other Takeaways From the Toronto Global Forum

Last week, I ventured up to the beautiful city of Toronto — and while I’d love to go back for pleasure, this trip was strictly business. The Toronto Global Forum is an international conference that brings together heads of states, central bank governors, ministers and global economic decision...

Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/06/04 8:24 p.m.88 views

Carbon Black TAU Threat Analysis: Emotet Banking Trojan Leverages MS Office Word Docs, PowerShell to Deliver Malware

Emotet is a family of banking malware, which has been around since at least 2014. Attackers continue to leverage variants of Emotet and are becoming increasingly shrewd in the techniques they employ to deliver the malware onto an infected system. In the spring of 2018 Carbon Black's Threat Analys...

0.2AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/11/16 12:58 p.m.88 views

November 16, 2017 – Morning Cyber Coffee Headlines – “Space Jam” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! November 16, 2017 - Headlines White House Releases New Charter for Using,...

6.7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/11/14 4:23 p.m.88 views

Carbon Black TAU Threat Analysis: A Deeper Look at BadRabbit Shows Overlapping Similarities to NotPetya

BadRabbit was a ransomware variant initially detected in the wild on October 24, 2017. On that day, Carbon Black and several other research organizations conducted triage analysis of the sample and provided write ups. Carbon Black also provided an internal post in the User Exchange documenting IO...

7.6AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/07/20 3:0 p.m.87 views

Partner Perspectives: How Axonius and Carbon Black Make Seeing and Securing All Assets Radically Simple

Back in the 1990s, visibility and security were much easier. In the workplace, users connected their laptops and desktops to a network through a cable. Asset inventory was as simple as walking from cubicle to cubicle or entering specs into a spreadsheet. And then, of course, things became much mo...

0.3AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/08/12 1:9 p.m.86 views

CB TAU Threat Intelligence Notification – Karagany Malware

Secureworks recently reported in regards to an update of Karagany malware last month. The malware is used by the IRON LIBERTY threat group also known as DragonFly2.0 and Energetic Bear, targeting energy companies and organizations. Carbon Black Threat Analysis Unit TAU provides the product rules ...

0.7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/05/22 3:5 p.m.86 views

How CB LiveOps Enhances Your Security

If you’re using Carbon Black products, you are already familiar with the actionable insights they provide. Whether you’re doing root cause analysis or setting up policies around what applications are allowed to run on your machines, Carbon Black gives you the tools you need to understand and take...

0.1AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/12/13 5:31 p.m.85 views

VMware Carbon Black TAU Malware Analysis: Tofsee Botnet Resurfaces

Tofsee is a botnet which has not been reported on since the following analysis in September of 2016 by the Cert Polka team and Cisco Talos. This updated campaign employs new techniques in order to aggressively send large volumes of spam emails primarily targeting the adult dating scene. This new...

7.4AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/05/16 3:0 p.m.85 views

Four Steps to Becoming a Threat Hunter

Roles in cybersecurity have evolved to now include the title of “Threat Hunter”. It sounds cool, but I’m sure many of you are wondering what it really means and how it is different from the job you’ve been doing. Up until now, most of us have performed a job more akin to “Threat Wrangler”. Once...

7.4AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2019/01/03 6:0 p.m.85 views

Top 5 Threat Hunting Myths: “Threat Hunting Is Just a Fad”

The cybersecurity landscape is in a constant state of change and, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, but when. In today’s world, attackers intentionally look normal to evade automated defenses. With the rise of ransomware, fileless and...

6.8AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/10/05 1:25 p.m.85 views

October 5, 2017 – Morning Cyber Coffee Headlines – “Ball-Point Pen” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 5, 2017 - Headlines Carbon Black in the News: Advanced Threat Analytics...

6.7AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/09/29 1:1 p.m.85 views

September 29, 2017 – Morning Cyber Coffee Headlines – “Autumn” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! September 29, 2017 - Headlines NY Regulator Says Equifax Making Progress on...

6.6AI score
Exploits0
Total number of security vulnerabilities849