
849 matches found

Carbon Black Blog
added 2020/04/29 12:49 p.m., 46 views

Join Us for the Virtual Connect 2020 Conference

Every year, VMware Carbon Black Connect brings together some of the best and brightest in security to collaborate on solving today’s most pressing problems and to learn about the future of endpoint security. While 2020 marks the first year that Connect will be held in a virtual setting, it does n...

0.1 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/22 3:20 p.m., 211 views

MITRE ATT&CK Evaluation Demonstrates the Power of the VMware Carbon Black Cloud

MITRE has released the results for its latest endpoint detection and response (EDR) product evaluation using its now industry-standard open methodology, the ATT&CK® framework. This year’s results further demonstrate why VMware Carbon Black, now a two-time participant, is a top choice of security an...

7.1 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/20 3:0 p.m., 35 views

We Need to Change the Structure of Security to Transform Security

Tom Corn, Senior Vice President of Security Products at VMware, was recently recorded giving his overview of the fundamental problem companies have with security today. His answer — we’ve got too much happening in silos and too muc...

7.1 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/16 3:49 p.m., 55 views

VMware Carbon Black TAU Threat Analysis: The Evolution of Lazarus

On February 14, 2020, the U.S. Department of Homeland Security (DHS) released a Malware Analysis Report (MAR-10271944-1.v1) which provided information about a trojan they referred to as HotCroissant. DHS attributed the trojan to a threat group based in North Korea, often referred to as Hidden Cobra...

0.4 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/16 3:0 p.m., 36 views

Time for Reflection and Thanks

Most of the programs I ran used calendar years for project planning, budgets, etc. I always found November to be a good time to reflect on the progress made, plan for the next year, and give thanks for all the positive steps in the right direction. In general, I followed the SWOTT method for...

6.9 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/15 4:13 p.m., 30 views

Amid COVID-19, Global Orgs See a 148% Spike in Ransomware Attacks; Finance Industry Heavily Targeted

Cyber criminals often exploit fear and uncertainty during major world events by launching cyberattacks. These attacks are often performed with social engineering campaigns leveraging malicious emails that lure victims to install malware that steals financial data and other valuable personal...

7.4 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/09 7:38 p.m., 34 views

6 Tips to Keep Your Video Conferencing Meetings Secure

The sudden and dramatic shift to a mobile workforce has thrust video conferencing into the global spotlight and evolved video conferencing vendors from enterprise communication tools to critical infrastructure. During any major and rapid technology adoption, cyberattackers habitually follow the...

0.3 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/09 3:0 p.m., 39 views

The Results Are In: Defender Confidence Is On The Rise

Recently, I spent two weeks traveling across Europe talking with defenders, reporters, and leaders of security programs. While each country faces its own unique challenges and has its own needs, there were a few themes that were consistently present. Threat Outlook Report 2020. Naturally, we...

7.3 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/08 5:4 p.m., 29 views

TAU Threat Analysis: NetWire Variant Leveraging AutoIt Scripts and Windows Shortcut Links

NetWire, an information stealing RAT that dates back multiple years, has been witnessed in the wild recently using a tactic of combining Windows shortcut link files and AutoIt scripts. These scripts pose as BitTorrent files, a protocol used for direct peer-to-peer file transfers, to entrench and...

7.8 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/08 3:13 p.m., 32 views

Coronavirus and the Growing Mobile Workforce: Prioritizing Endpoint Security

Editor's Note: Gary Stevens, a technology writer, is posting as a guest author to carbonblack.com Despite the global COVID-19 response and current recommendations for social distancing, institutions, enterprises and businesses still need to function and maintain all necessary operations where...

0.5 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/08 1:57 p.m., 164 views

COVID-19: Cybersecurity Community Resources

Novel Coronavirus (COVID-19) has thrust personal safety and security into the public’s consciousness in an unprecedented way. Families, employees and global businesses have been forced to upend their lives to make their respective communities healthier and more resilient. Our collective response to...

0.2 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/07 5:30 p.m., 51 views

vExpert Security 2020 Award Announcement

Thank you to everyone who applied for the vExpert Security sub-group and thank you to the vExpert PRO’s for doing their part in this process. We are pleased to announce the list of 2020 vExperts Security. Each of these vExperts have demonstrated significant contributions to the community and a...

6.8 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/06 2:0 p.m., 37 views

AMA Recap: Top 10 Tips to Secure Your Remote Workforce

This is part of our ongoing conversation about the worldwide challenges of working remotely. To stay up-to-date on the latest insights, refer to our live page for COVID-19: Cybersecurity Community Resources. As organizations around the world transition to remote work en masse, cybersecurity...

0.1 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/02 5:0 p.m., 33 views

How Federal Employees Can Protect their Agencies During the Pandemic

It’s no secret that the way the world works has shifted since COVID-19 came on the scene. Operations are going remote and, for many government and federal agencies, this is new territory. This novelty is compounded by the fact that nation-state attacks are—and have been—on the rise for quite some...

0.3 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/02 3:0 p.m., 30 views

Managing Team Burn Out

According to the World Health Organization: “Burn-out is a syndrome conceptualized as resulting from chronic workplace stress that has not been successfully managed. It is characterized by three dimensions: feelings of energy depletion or exhaustion; increased mental distance from one’s job, or...

6.9 AI score
Exploits: 0
Carbon Black Blog
added 2020/04/01 10:0 a.m., 49 views

Announcing the Release of Malware Prevention for Linux

The VMware Carbon Black team has a mission to keep your entire organization safe from cyber attacks. To deliver on this for today’s landscape, the Carbon Black Cloud platform has added malware prevention for Linux to bring the entire protection lifecycle to Windows, macOS, and Linux. With Linux n...

0.6 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/31 3:9 p.m., 48 views

Threat Analysis Unit (TAU) Threat Intelligence Notification: CoronaVirus Ransomware

"CoronaVirus" Ransomware has been found distributed via a phishing website. The malicious website will distribute a trojan downloader which then leads to downloading additional malicious payloads: the Kpot InfoStealer and Coronavirus Ransomware. "CoronaVirus" Ransomware will perform the deletion ...

6.9 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/26 6:41 p.m., 91 views

The Dukes of Moscow

Overview: APT29, also known as The Dukes or Cozy Bear, is a cyberespionage group active since at least 2008. It’s believed that the group operates either under the Russian Foreign Intelligence Service (SVR) or the Russian Federal Security Service (FSB). They primarily target western governments and...

9.3 CVSS, 6.7 AI score, 0.86979 EPSS
Exploits: 4
Carbon Black Blog
added 2020/03/26 3:0 p.m., 30 views

How to Do More with Less — a CISO’s Perspective

I’ve learned a ton of lessons over my years in the InfoSec world. I’ve made a lot of the right calls, but also a bunch of wrong ones. One of the lessons I have learned is how to operate in an environment of scarcity. This lesson started long before my career did. Growing up, I was the child of a...

7.4 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/25 9:32 p.m., 59 views

How VMware Carbon Black Helps Agencies Meet CDM Requirements

When a crime is committed, one of the first things the police do is collect evidence from any security cameras nearby, and these days, cameras are everywhere. That’s a model that federal agencies want to apply to cybersecurity. This constant monitoring of systems to catch bad actors provides the...

0.2 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/25 3:0 p.m., 28 views

Defender Behavior in 2019

Security is a team sport, or at least it should be. Given the constant behavior evolution we see from attackers and the vast IT footprint attackers can target, IT and security teams clearly face an uphill battle. Whereas attackers only have to be right once to succeed, defenders must be right 100...

7.1 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/24 4:30 p.m., 34 views

Q&A: Insights from the Red Canary 2020 Threat Detection Report

In light of the latest update to the MITRE ATT&CK framework, Red Canary has developed a Threat Detection Report uncovering the top techniques attackers use to target your organization. To understand the significance of the report, we turned to two of VMware Carbon Black’s top threat experts, Greg...

8.2 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/23 4:48 p.m., 38 views

VMware Carbon Black Removes Endpoint Limits for Customers to Secure Their Changing Environments During the COVID-19 Crisis

Novel Coronavirus (COVID-19) has thrust personal safety and security into the public’s consciousness in an unprecedented way. Families, employees, and global businesses have been forced to upend their lives to make their respective communities healthier and more resilient. A key component to this...

0.8 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/23 3:0 p.m., 63 views

What’s Coming in 2020: An RSA Recap

VMware Carbon Black recently published our Outlook 2020 Threat Report largely fueled by the work of our amazing Threat Analysis Unit. Greg Foss (@Heinzarelli) and Andrew Costis (@0x4143) did some in-depth research on malware samples seen in 2019. As part of RSA, Greg and I had the chance to present o...

7.3 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/19 8:48 p.m., 1011 views

Technical Analysis: Hackers Leveraging COVID-19 Pandemic to Launch Phishing Attacks, Fake Apps/Maps, Trojans, Backdoors, Cryptominers, Botnets & Ransomware

The global COVID-19 pandemic is generating a substantial uptick in the production and delivery of Coronavirus-themed malware. Due to a rapidly growing number of Indicators of Compromise (IOCs), this report covers the key behaviors by aligning to the MITRE ATT&CK Framework. MITRE ATT&CK launched in...

9.3 CVSS, 8.3 AI score, 0.99966 EPSS
Exploits: 45
Carbon Black Blog
added 2020/03/18 4:0 p.m., 27 views

What is the Cybersecurity Equivalent of Washing Your Hands for 20 Seconds?

With COVID-19's spread, there have been numerous recommendations from health authorities and experts that one of the best, first-level measures to help spread infection is to wash hands with soap and water thoroughly for 20 seconds. In recent days, we’ve frequently gotten the question: “What can ...

0.6 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/18 10:0 a.m., 60 views

Detecting Fileless Attacks with Enterprise EDR’s AMSI Visibility

If this year’s 2020 Cybersecurity Outlook Report taught us anything, it’s that defenders are seeing an increasing amount of defense evasion techniques in their environments. It’s crucial for security teams to have the granular visibility they need to spot malicious attacker behavior, however...

0.8 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/17 3:16 p.m., 69 views

Tips for Securing Remote Workers

As more and more employees are mandated to work from home, security and non-security professionals alike are left wondering what they can do to keep their data and systems safe. To help with this, we’ve compiled a list of some of the key things you can do to ensure your defenses are up—on or off...

0.9 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/17 3:15 p.m., 45 views

Evaluating EPP in the Time of XDR

The endpoint detection and response (EDR) market is not only more critical than ever, it is also going through the biggest period of innovation in its history – bigger than when EDR was first introduced by Carbon Black 7 years ago. This next wave of innovation is about extending EDR beyond the...

Exploits: 0
Carbon Black Blog
added 2020/03/17 2:14 p.m., 612 views

Threat Analysis: CVE-2020-0796 – EternalDarkness (ghostSMB)

On March 10, 2020, analysis of an SMB vulnerability was inadvertently shared, under the assumption that Microsoft was releasing a patch for that vulnerability (CVE-2020-0796). As of March 12, Microsoft has since released a patch for CVE-2020-0796, which is a vulnerability specifically affecting SMB3...

7.5 CVSS, 0.7 AI score, 0.9981 EPSS
Exploits: 125
Carbon Black Blog
added 2020/03/16 3:0 p.m., 21 views

2019: Looking Back at Ransomware

In security, 2016 was “The Year of Ransomware.” Since then, ransomware has only gotten more pervasive, costing billions in damages. In that vein, 2019 could have been referred to as “The Year of Ransoming Governments.” More than 70 state and local governments across the U.S. suffered ransomware...

7.1 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/16 3:0 p.m., 40 views

New Osterman Research Report | Cyber Security in Healthcare

In 2019, roughly 45 million healthcare records were breached in the United States. With ransomware as their go-to technique, cyber attackers are targeting healthcare providers, medical devices, and critical supply chains more than ever before. The latest Osterman Research report, “Cyber Security ...

0.1 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/10 3:0 p.m., 44 views

2019: Looking Back at Malware

In 2019, attacker behavior evolved, becoming more evasive. The most common behaviors seen across all attack data—mapped to the MITRE ATT&CK™ Framework—were: Software Packing for Defense Evasion, Hidden Windows for Defense Evasion, Standard Application Layer Protocol for Command and Control (C2),...

0.8 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/06 7:12 p.m., 28 views

Announcing the VMware vExpert Security Program!

We’re excited to share that the VMware Security Products Team and Carbon Black is announcing a new Security vExperts program. If you’re not familiar with vExperts, the program is designed to recognize individuals who are passionate about sharing their knowledge of VMware technologies with the...

6.7 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/04 6:2 p.m., 32 views

RSA 2020 – That’s a Wrap!

Last week VMware Carbon Black attended the RSA Conference 2020 in San Francisco! This year was bigger than ever before, as we shared our vision for intrinsic security — for a safer, more effective world. Get all the highlights and check out some of our favorite moments in the wrap up below. The...

7.3 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/04 5:24 p.m., 36 views

IT Operations and Security: It’s Time to Build Something Better Together

Having been in the industry for longer than I care to admit, I have seen the growth pre and post public internet. With that growth, there have been many changes with how organizations address the balance of IT Operations and Security, where tension still exists. IT Ops must keep the business running...

Exploits: 0
Carbon Black Blog
added 2020/03/03 4:29 p.m., 56 views

VMware Carbon Black Threat Analysis: FTCODE Ransomware

FTCODE is a fully PowerShell-based ransomware. It is distributed via malicious document files that contain macros or using VBScript to download and launch the malicious PowerShell script. FTCODE ransomware will scan a specific list of file extensions and encrypt them with Rijndael algorithm. Othe...

7 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/03 4:0 p.m., 41 views

2020 Cybersecurity Outlook Report

In case you missed it, we are excited to release our latest report from the VMware Carbon Black Threat Analysis Unit (TAU), the “2020 Cybersecurity Outlook Report”. In the search for clarity in the modern attacker vs. defender battle, it’s all about behaviors. More broadly, we explore the age-old...

0.5 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/02 6:23 p.m., 43 views

Simplicity is the Key to Enterprise Cybersecurity

Editor’s Note: Sam Bocetta, a guest author on the VMware Carbon Black blog, is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography. In today’s digital environment, companies are...

7.1 AI score
Exploits: 0
Carbon Black Blog
added 2020/03/02 4:0 p.m., 34 views

Performance Testing: Justifying Cost and Performance Improvements (Part 2)

As mentioned in the first blog in this series, Melanie, a performance engineer at VMware Carbon Black, built both baseline and investigative tests for the engineers that develop and maintain the company’s reputation services. Here’s a deeper look at these tests and how they helped the company...

0.1 AI score
Exploits: 0
Carbon Black Blog
added 2020/02/25 4:0 p.m., 50 views

The Game Changing Role of Performance Testing (Part 1)

In two previous blogs, VMware Carbon Black software engineers discussed how important it was to maintain a balance of latency, scale, and cost as they built out and enhanced the company’s reputation services. They also provided some insights into the challenges they encountered with various...

7.2 AI score
Exploits: 0
Carbon Black Blog
added 2020/02/25 10:0 a.m., 37 views

Bringing Intrinsic Security to RSA Conference 2020

This year at the RSA Conference, VMware will be highlighting our vision for Intrinsic Security, a safer, more effective security built into the fabric of the various infrastructure control points that are vulnerable to attack (endpoint, identity, network, cloud, workload). The VMware Carbon Black...

Exploits: 0
Carbon Black Blog
added 2020/02/24 4:30 p.m., 42 views

Breaking Down Election Security: Points of Vulnerability and Solutions

The importance of cybersecurity in the context of the democratic process has become undeniable—with nation-state hackers setting their sights on elections as effective vehicles for attack, disruption, and social unrest. Christopher Wray, the Director of the FBI, testified to Congress that U.S...

0.7 AI score
Exploits: 0
Carbon Black Blog
added 2020/02/21 2:27 a.m., 89 views

Threat Analysis: Active C2 Discovery Using Protocol Emulation Part2 (Winnti 4.0)

Summary: The VMware Carbon Black Threat Analysis Unit (TAU) previously released a blog post documenting the Winnti version 4.0 malware. The new command and control (C2) protocol that was implemented in one of the 4.0 samples was completely different from the existing understanding of the 3.0 protocol...

Exploits: 0
Carbon Black Blog
added 2020/02/18 4:30 p.m., 29 views

State & Local Governments: The Cyberinsurgency Spreads

Today’s world is dramatically different than even five years ago. Ransomware attacks, which used to make global headlines, are now commonplace. Cybercriminals—who have historically targeted large enterprises—are now also setting their sights on state and local governments. New, sophisticated...

0.5 AI score
Exploits: 0
Carbon Black Blog
added 2020/02/14 9:0 a.m., 41 views

Why Our Customers Love VMware Carbon Black

As the cybersecurity world advances, organizations are starting to change their approach to security. More and more teams are moving to the cloud to maximize their endpoint protection and simplify their security stack. Using VMware Carbon Black's Cloud platform, our customers are able to...

0.8 AI score
Exploits: 0
Carbon Black Blog
added 2020/02/13 4:30 p.m., 34 views

See the Advantages of Intrinsic Security | Join the Webinar Next Week

At VMware Carbon Black, we’re excited to continue exploring our approach to Intrinsic Security. What does “intrinsic security” mean, and how does it help enhance and support an organization’s existing security stack? Truly, there has never been a more challenging nor exciting time in...

0.9 AI score
Exploits: 0
Carbon Black Blog
added 2020/02/12 2:20 a.m., 54 views

VMware Carbon Black TAU Threat Analysis: Shlayer (macOS)

Following our initial reporting of this threat, Carbon Black’s Threat Analysis Unit (TAU) has continued following the Shlayer family of malware and monitoring changes adopted by this campaign. Although detection by antivirus vendors has improved over the past year, the malware authors continue to...

7.8 AI score
Exploits: 0
Carbon Black Blog
added 2020/02/12 1:25 a.m., 293 views

VMware Carbon Black TAU: Ryuk Ransomware Technical Analysis

Ryuk Ransomware has been crippling both the public and private sector recently with the ability to disrupt its target environment. The ransomware will typically be dropped by an already compromised system that has been infected by Trickbot or Emotet through a phishing email. Once the Ryuk payload...

7.6 AI score
Exploits: 0
Carbon Black Blog
added 2020/02/11 2:18 p.m., 45 views

Partner Perspectives: Protecting Industrial Control Systems with Verve Industrial’s Endpoint Management and Carbon Black App Control

Imagine waking up in the morning, flipping on your light switch and nothing happens. The natural human response is to flip the switch a few more times before realizing something is wrong. You jump out of bed and notice the smart coffeemaker has not brewed a fresh cup of coffee that you’ve come to...

1.3 AI score
Exploits: 0
Total number of security vulnerabilities: 849