849 matches found
Carbon Black and Chronicle: Stronger Cybersecurity through Big Data and Analytics
This is another exciting day for cybersecurity professionals, for Carbon Black and for me personally. It’s also a very exciting way to kick of RSA 2019! Earlier today, we announced an exciting new integration with Chronicle Security to harness the power of big data and analytics. Our goal is to...
Cb Customer Spotlight Series: Q&A with Integral’s Sean McFeely
Featuring Sean McFeely, Sr. Information Analyst at Valvoline’s Integral Defense This year at Cb Connect 2018, we had our first ever Developer Day to recognize our vibrant partner and developer ecosystem. We had an amazing group of 100 developers attend, culminating in a hackathon. Sean McFeely, S...
Cb ThreatSight Investigation Reveals RETADUP Worm Leverages AutoIt to Launch Monero Cryptomining Campaign
While monitoring a customer’s environment, the Carbon Black ThreatSight team discovered a series of unusual alerts. Further investigation of the suspect processes revealed these alerts were related to an attacker leveraging the open-source Monero framework to launch a crypto-mining campaign. Afte...
October 25, 2017 – Morning Cyber Coffee Headlines – “World Series” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 25, 2017 - Headlines Carbon Black in the News: How Wi-Fi KRACK...
August 21, 2017 – Morning Cyber Coffee Headlines – “Solar Eclipse” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! August 21, 2017 - Headlines Carbon Black in the News: Trump increases status of...
Detecting Fileless Attacks with Enterprise EDR’s AMSI Visibility
If this year’s 2020 Cybersecurity Outlook Report taught us anything, it’s that defenders are seeing an increasing amount of defense evasion techniques in their environments. It’s crucial for security teams to have the granular visibility they need to spot malicious attacker behavior, however...
What Makes Island Hopping a Formidable Threat?
Island hopping is a technique used by cybercriminals to exploit less sophisticated organizations in order to breach their larger affiliates. Attackers use vulnerabilities in the first company’s defenses as a point of entry to the second. This is no small threat. In fact, half of cyber attacks tod...
Partner Perspectives: ThreatConnect and Carbon Black: Incorporating Threat Intel for Quicker Incident Response
Megan Horner is the Director of Product Marketing for ThreatConnect. When it comes to incident response, there’s typically a focus on three main stages: investigation, containment, and remediation. Moving from one stage to the next as efficiently as possible is critical to expediting response...
Why Our Customers Love the PSC
As the cybersecurity world advances, organizations are starting to embrace cloud-based security platforms. More and more Carbon Black customers are moving to the CB Predictive Security Cloud PSC, an extensible cloud platform that consolidates security and provides you everything needed to secure...
Partner Perspectives: Defense in Depth with Carbon Black and ProtectWise
Ramon Peypoch is the Chief Product Officer for ProtectWise. Navigating the number of enterprise security point products used to defend against today’s threat landscape can be overwhelming. Some sources say the average enterprise uses 75 security products to secure its network. Reducing the number...
Carbon Black: A “Great Place to Work”
I am excited to announce Carbon Black has been certified as a “Great Place to Work” by the Great Place to Work Institute. It’s Carbon Black’s first such accolade on a national level and speaks volumes for our nearly 1,000 employees worldwide who come to work every day to create a world safe from...
Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform
Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Securit...
August 4, 2017 – Morning Cyber Coffee Headlines – “Gerald R. Ford ” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! August 4, 2017 - Headlines Why can't films and TV accurately portray hackers? -...
The CIO Will Report to the CISO: The Why
Note: This article originally appeared on LinkedIn Pulse. If you disagree with me, please visit the LinkedIn post to join the comments we've gotten so far. As a community we need the open discussion to advance our collective thinking. If you agree, please like, comment and/or share the post. It’s...
“The 101” – Episode 1 – What is a Non-Malware Attack?
Welcome to our new video series, “The 101!” This weekly security series aims to do one thing: define endpoint security, one question at a time. Tune in each week as we tackle a new term, concept or comparison in our ongoing effort to cut through the noise and provide clear definitions. Security c...
TAU Threat Discovery: Cryptocurrency Clipper Malware Evolves
Clipper malware is designed to steal cryptocurrency from victims by replacing wallet addresses in the victim’s clipboard with wallet addresses that belong to the attacker. This stealthy technique is designed to silently trick the victim when making what appears to be a legitimate cryptocurrency...
Through the Years: an Inside Look at Carbon Black Technology
An early Carbon Black customer and Red Canary detection engineer provides perspective on Carbon Black’s technology evolutions. This post was originally published by our partner Red Canary on May 30, 2019. Back in 2013, I was one of the first security professionals to deploy Carbon Black. This was...
Carbon Black Global Threat Report: ‘The Year of the Next-Gen Cyberattack’
In 2016, fileless attacks such as PowerWare and the alleged hack against the Democratic National Committee DNC stole sensitive information and global headlines. In 2017, WannaCry, NotPetya and BadRabbit demonstrated ransomware’s global ubiquity. Then, as we kicked off 2018, the Spectre and Meltdo...
Untainted By Design: How Our MITRE ATT&CK Results Demonstrate the Resilience of Carbon Black
I started my career in cybersecurity 10 years ago as a Technical Operations Officer in the US Intelligence Community, where I had a first-hand view into the most sophisticated ongoing cyber operations in the world. One thing was always clear: attackers always found ways to stay a step ahead of th...
VIDEO: Unfiltered Endpoint Data – A Platform For Consolidated Endpoint Management
A PLATFORM FOR CONSOLIDATED ENDPOINT MANAGEMENT In our last post of this series, we talked about the key to better endpoint threat detection. It’s all about the data you collect. Across the board, endpoint security solutions use pre-defined signatures or rules to detect threats — only conducting...
Carbon Black & VMware Announce General Availability of Integrated Solution to Secure the SDDC
Securing your software-defined data center SDDC is fundamentally different than securing your end-user computers. Securing the endpoint is no longer enough - attackers have other angles they can take to wreak havoc on your system - but not securing your endpoints would be a big mistake. That’s wh...
October 11, 2017 – Morning Cyber Coffee Headlines – “San Francisco” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 11, 2017 - Headlines Carbon Black in the News: Ransomware market soars...
October 3, 2017 – Morning Cyber Coffee Headlines – “Tom Petty” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! October 3, 2017 - Headlines Equifax Says Cyber Attack May Have Hit 2.5 Million...
How VMware Carbon Black Helps Agencies Meet CDM Requirements
When a crime is committed, one of the first things the police do is collect evidence from any security cameras nearby, and these days, cameras are everywhere. That’s a model that federal agencies want to apply to cybersecurity. This constant monitoring of systems to catch bad actors provides the...
Threat Analysis Unit (TAU) Threat Intelligence Notification: CrescentCore (macOS)
In June of 2019, researchers at Intego discovered a new Trojan for macOS systems which they named CrescentCore. Much like Shlayer and other common malware targeting macOS systems, CrescentCore is often delivered via a fake Adobe Flash Player installer or updater. This malware employs multiple...
What’s So Dangerous About Spear Phishing?
Spear phishing is one of the most common and most effective cyberattack vectors seen today. Delivered through email, spear phishing campaigns aim either to infect devices with malware, or to steal important information—like credentials and bank numbers. Spear phishing is targeted at specific grou...
Building a New Language for Data Processing
Building a New Language for Data Translation In previous posts, we’ve talked about the plan for and implementation of EQR Event Query Router—a system we created to solve the problem of querying large quantities of disparate data by end-user analysts in real-time. As with any major project, we fac...
7 Hidden Signs That Your Network is Under Attack
Editor’s Note: Sam Bocetta, a guest author on the Carbon Black blog, is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography. When you think of hackers, do you picture some teenage prodigy...
Register for #CBConnect19 in San Diego Using Code SOCIAL50 to Receive 50% Off
In two months, hundreds of security professionals will gather in San Diego for two days of discussion around the future of endpoint security at CB Connect 2019. The event will take place at Hotel Del Coronado June 4-5 with sweeping views of Coronado beach where attendees will hear from robust...
CB Customer Spotlight: Q&A with ALLETE’s Jeff Rotenberger
For five years now, Jeff Rotenberger has served as a cybersecurity analyst for ALLETE, an energy and utilities company providing for the Upper Midwest. Rotenberger and his team have been working with Carbon Black CB APIs and CB Response to greatly reduce time spent on security remediation. Read o...
Cb Response Named Leader in EDR Space by Forrester
Last quarter, Forrester created a report assessing the state of the EDR market and how vendors stack up against one another. A variety of companies were evaluated in three key areas: The strengths and weaknesses of their current offerings. Forrester cited key criteria to include: alerting...
Excerpts from Modern Bank Heists – Threat Hunting Teams & CIR
Carbon Black recently published a report on the newest threats facing the financial world, and how to counteract them. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, helps enterprises address their endpoint security challenges, check out our weekly Cb Defense Live...
Excerpts from Modern Bank Heists – Ransomware
Carbon Black recently published a report on the latest ransomware attack methods, and how to counteract them. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, helps enterprises address their endpoint security challenges, check out our weekly Cb Defense Live Demo, eve...
Excerpts from Preparing for NGAV at Scale: Challenges and Approaches
Carbon Black recently published a guide to help enterprises gauge their readiness in their initial search for next-generation antivirus, or NGAV; this is the first excerpt from that guide, which you can find here. For more information about how Cb Defense, Carbon Black's NGAV + EDR solution, help...
August 25, 2017 – Morning Cyber Coffee Headlines – “Air Guitar” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! August 25, 2017 - Headlines Carbon Black in the News: Microsoft's Bid to Save...
August 11, 2017 – Morning Cyber Coffee Headlines – “Alcatraz” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! August 11, 2017 - Headlines Experimental Defense Unit Funds New Tech but Faces...
DirectDefense Incorrectly Asserts Architectural Flaw in Cb Response
Today, a blog was released that incorrectly asserts an architectural flaw in Cb Response that leaks customer data. In fact, this is an optional feature turned off by default to allow customers to share information with external sources for additional ability to detect threats. Cloud-based,...
COVID-19 and HIPAA Enforcement Discretion Leaves Healthcare Organizations Vulnerable to Ransomware Attacks
Patient engagement is a term that has been discussed in healthcare for years. But now, its an urgent priority as providers work to vaccinate millions of Americans. The COVID-19 pandemic has put increased pressure on healthcare providers to ramp up digital communications with patients regarding...
Bringing Intrinsic Security to Containers: VMware Acquires Octarine
UPDATE: On May 27, 2020 VMware officially closed its acquisition of Octarine. The blog post below has been amended to reflect that announcement. Today is a very exciting day for VMware and for our customers as we announce our acquisition of Octarine, whose innovative security platform for...
Keys to Mature to a Level 4 Threat Hunting Program
Three Commonalities Among Level 4 Threat Hunting Programs Threat hunting programs that have reached level 4 maturity have three commonalities: The have implemented automation wherever possible to scale their effectiveness They have developed threat hunting processes to operationalize how they...
RSA Wrap Up: It’s All About The People
RSA 2019 just finished and -- as always -- what a week it was. This year was a personal milestone for me, with the week culminating in my presentation with Gary Hayslip, CISO at WebRoot, titled: “Why the Role of the CISO Sucks and What We Should Do about It.” But, before we get to Friday morning ...
The Key to EDR You Didn’t Know You Were Missing
It’s no longer enough for companies to simply “keep up” in the world of cybersecurity. To prevent attackers from infiltrating your systems, you need to be one step ahead at all times. It’s no wonder, then, that the majority of companies are spending more on cybersecurity than ever before.1 While...
Unlock Your SOC with Exabeam and Carbon Black
Endpoints are not safe. There I’ve said it. The network boundaries are gone and endpoints are left exposed directly to threats. Just like watching my kids move out of the house and worrying about how they will fare in the world on their own, we have to realize endpoints are no longer protected by...
The Ninth Question Today’s CEOs Should Ask (& Know the Answer To)
In a previous blog, we discussed Commander’s Intent for CEOs and introduced 10 questions CEOs should be asking their teams. In this blog series, I am going to take a deeper dive into each question and break them down one at a time. We will discuss why CEOs should care about each question and the...
Value of Integrations Highlighted At Fortinet’s Accelerate 18 Conference
Changing the hearts and minds of security teams is no easy task. Everyone has been told for so long how to protect their environment, and more importantly how to buy the various tools needed to enable that protection. Collectively we’ve adopted the unintentional job of assuming all these things...
Excerpts from Moving Endpoint Security to the Predictive Cloud: Introduction
Carbon Black recently published a whitepaper on the reasons and benefits of moving endpoint security to the cloud; this is the first excerpt from that guide, which you can find here. For more information about how the Cb Predictive Security Cloud, Carbon Black's comprehensive endpoint protection...
September 21, 2017 – Morning Cyber Coffee Headlines – “American Revolution” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! September 21, 2017 - Headlines Carbon Black in the News: IF I KNEW THEN…Eric O'...
Malware That Can’t Clean Its Tracks: CCleaner and Ongoing Supply-Chain Attacks
A new malware compromise identified this week was using malware officially signed and provided by its software manufacturer for public download by millions of people. It’s a move that started the week for many organizations in a state of worry. This week, the Cisco Talos research team disclosed...
August 24, 2017 – Morning Cyber Coffee Headlines – “Mount Vesuvius” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! August 24, 2017 - Headlines Carbon Black in the News: Attacking Critical...
July 26, 2017 – Morning Cyber Coffee Headlines – “Wright Brothers” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! July 26, 2017 - Headlines Carbon Black in the News: Security expert shares tips...