849 matches found

Carbon Black Blog
added 2019/07/15 3:20 p.m. 63 views

What Do High-Level Deep Fakes Mean For Cybersecurity?

Editor’s Note: Sam Bocetta, a guest author on the Carbon Black blog, is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography. You’ve heard the term “fake news” bantered about a lot the las...

0.1 AI score
Exploits: 0
Carbon Black Blog
added 2019/07/11 5:29 p.m. 58 views

Through the Years: an Inside Look at Carbon Black Technology

An early Carbon Black customer and Red Canary detection engineer provides perspective on Carbon Black’s technology evolutions. This post was originally published by our partner Red Canary on May 30, 2019. Back in 2013, I was one of the first security professionals to deploy Carbon Black. This was...

6.7 AI score
Exploits: 0
Carbon Black Blog
added 2019/07/11 12:0 p.m. 55 views

Congratulations to our Query of the Month Winner for June 2019!

Last month, we launched our Query of The Month competition, which recognizes the top community-shared query that provides value to other Osquery users. To determine the query of the month, our team selects the community-shared query that has the most engagement or helps solve an important problem...

1.8 AI score
Exploits: 0
Carbon Black Blog
added 2019/07/10 4:23 p.m. 92 views

CB TAU Threat Intelligence Notification: SEON Ransomware Distributed via Drive-By Attack Campaign

SEON Ransomware ver 0.2 was found being distributed by the GreenFlash Sundown exploit kit via a drive-by-attack campaign. After performing the encryption, SEON will drop and display the following ransom note and append ‘.fixt’ as the extension to the encrypted file. Figure 1: Screenshot of the...

7.2 AI score
Exploits: 0
Carbon Black Blog
added 2019/07/10 4:11 p.m. 88 views

CB TAU Threat Intelligence Notification: Buran Ransomware

Recently there was a malvertising campaign which would redirect users to the RIG exploit kit and then infect the victim’s computer with a new ransomware named Buran Ransomware. It will drop a ransom note named ‘!!! YOUR FILES ARE ENCRYPTED !!!.txt’ and append the victim’s personal ID as extensions to the...

6.9 AI score
Exploits: 0
Carbon Black Blog
added 2019/07/09 1:2 p.m. 65 views

Partner Perspectives: Maintaining Order in Chaotic Times

Erkang Zheng is the CISO of LifeOmic and the General Manager of JupiterOne. One of the key challenges facing growing cloud-native organizations is the ability to maintain your security and compliance posture despite your employees’ access to critical data from numerous locations and devices. This...

7.4 AI score
Exploits: 0
Carbon Black Blog
added 2019/07/08 5:0 p.m. 112 views

How Carbon Black is Prioritizing Living Off the Land Attacks Part 2

What are Living Off the Land (LoL) Attacks? In recent years, Living off the Land Binaries and Scripts (LoLBas) have become increasingly popular tools for cybercriminals. These types of attacks leverage native, signed, and often pre-installed applications in malicious ways that their creators never...

0.2 AI score
Exploits: 0
Carbon Black Blog
added 2019/07/08 4:3 p.m. 158 views

CB TAU Threat Intelligence Notification: Maze Ransomware

Maze Ransomware, also known as ChaCha Ransomware, has been discovered being distributed by the Fallout exploit kit. After the encryption, it will create a ransom note named ‘DECRYPT-FILES.html’ in each of the encrypted file’s folders. The bottom of the ransom note is a base64 string which contain...

6.6 AI score
Exploits: 0
Carbon Black Blog
added 2019/07/02 4:0 p.m. 75 views

Addressing the Cyber Security Skills Gap, Part 1

Operating in an adversarial-driven world, cyber defenders are faced with many obstacles. In an effort to keep pace with our adversarial counterpart, the cyber security skills gap has become the silent oppressor. In Part 1 of this multi-part blog series we will define the implications presented by th...

7.2 AI score
Exploits: 0
Carbon Black Blog
added 2019/06/18 3:21 p.m. 162 views

Boosting Your Linux & Docker Security with CB LiveOps

Today we’re excited to announce Linux support for CB LiveOps, Carbon Black’s real-time endpoint query & remediation solution that helps security teams audit and change the state of their systems. This release expands the product’s footprint to cover all major operating systems, including Amazon...

7.1 AI score
Exploits: 0
Carbon Black Blog
added 2019/06/05 5:30 p.m. 110 views

Partner Perspectives: 3 Tips for Starting a Threat Hunting Program

Peter Silberman is the Director of Detection & Response, Innovation at Expel. Mary Singh is a Detection and Response Lead at Expel. So, you want to build a threat hunting program…but where do you start? There are lots of ways to build a threat hunting program for your own org and depending on you...

6.9 AI score
Exploits: 0
Carbon Black Blog
added 2019/06/05 2:10 p.m. 89 views

Healthcare Cyber Heists in 2019

Healthcare organizations are increasingly being targeted by cyberattacks due to the gold mine of personal data they possess. The potential, real-world effect these attacks can have is substantial. See the WannaCry and NotPetya ransomware attacks of 2017. Click here to download the full report fro...

1.6 AI score
Exploits: 0
Carbon Black Blog
added 2019/06/04 1:31 p.m. 72 views

How Carbon Black is Prioritizing Living Off the Land Attacks

What are Living Off the Land (LoL) Attacks? In recent years, Living off the Land Binaries and Scripts (LOLBas) have become increasingly popular tools for cybercriminals. These types of attacks leverage native, signed, and often pre-installed applications in malicious ways that their creators never...

0.5 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/30 1:21 p.m. 72 views

Twitter Contest! Enter to Win a $250 Gift Card at #CBConnect19

To make CB Connect 2019 even more exciting, we’re hosting a Twitter contest to see who can rack up the most engagement on Twitter. If you want to participate, just share your thoughts about CB Connect 2019 on Twitter by telling us what you’ve learned, which sessions you liked most, who you got to...

6.8 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/29 1:0 p.m. 64 views

Q&A with Ashley Fidler, Chief Product Officer at eSentire: Women in Cybersecurity

In a few short weeks, Carbon Black will be hosting our annual user conference, CBConnect19, in sunny San Diego. This year, we’re bringing together a group of powerhouse women from across a variety of industries for our annual Women in Cybersecurity Panel to share their knowledge and experience fr...

7.1 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/24 2:52 p.m. 92 views

Why You Should Join Carbon Black at QueryCon 2019

Carbon Black Joining Trail of Bits to Support QueryCon 2019 We are excited to announce that Carbon Black will be joining with Trail of Bits and Kolide to sponsor QueryCon 2019. QueryCon is a conference dedicated to Osquery, an open source tool that allows users to query their devices like a...

0.1 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/23 1:0 p.m. 74 views

The 5 Conversations I want to have at CB Connect 2019

In a few weeks, I’ll be attending CB Connect in my hometown of San Diego, CA. If you’ve read my earlier blogs, you know I’m passionate about this event because it brings together some of the best and brightest in the security space to network and collaborate on solving some of our industry’s...

7.2 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/22 3:5 p.m. 84 views

How CB LiveOps Enhances Your Security

If you’re using Carbon Black products, you are already familiar with the actionable insights they provide. Whether you’re doing root cause analysis or setting up policies around what applications are allowed to run on your machines, Carbon Black gives you the tools you need to understand and take...

0.1 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/21 2:0 p.m. 68 views

Developer Day 2019

Carbon Black is proud to announce its second annual Developer Day to be held on June 3, 2019, one day prior to the annual CB Connect 2019 user conference. Customers and partners worldwide will converge at the Hotel del Coronado in San Diego, California, to hear from Carbon Black employees and...

7.2 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/21 1:0 p.m. 146 views

4 Common Misconceptions About Threat Hunting

Editor’s Note: Sam Bocetta, a guest author on the Carbon Black blog, is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography. Looking for cyber threats isn't new, but threat hunting as a...

Exploits: 0
Carbon Black Blog
added 2019/05/20 4:6 p.m. 94 views

Five Carbon Black Team Members Honored on CRN’s 2019 Women of the Channel List, One Named to the Power 100 List

We are excited to announce that five of Carbon Black’s talented employees have been named to CRN’s 2019 Women of the Channel list: Christine Bufalini, Senior Marketing Director; Melanie Holterhoff, Channel Marketing Manager; Toni Pommet, Senior Channel Marketing Manager; Ashley Tranfaglia, Senior...

1.9 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/20 3:0 p.m. 93 views

Threat Intelligence – What It Is and Why You Need It

Threat intelligence is a broad term. Some might think it refers to having information about what threats are out there. But in the evolved world of cybersecurity, threat intelligence is actually a verb. Cybersecurity threat intelligence is the ability to take closed-source or open-source data fro...

0.5 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/17 5:48 p.m. 258 views

CB TAU Threat Intelligence Notification: RobbinHood Ransomware Stops 181 Windows Services Before Encryption

According to source articles, RobbinHood ransomware has been discovered and it will stop 181 Windows services prior to the encryption taking place. It is thought that the ransomware might not be distributed through a typical spam campaign, but instead via other methods such as hacked remote deskt...

6.7 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/16 3:0 p.m. 85 views

Four Steps to Becoming a Threat Hunter

Roles in cybersecurity have evolved to now include the title of “Threat Hunter”. It sounds cool, but I’m sure many of you are wondering what it really means and how it is different from the job you’ve been doing. Up until now, most of us have performed a job more akin to “Threat Wrangler”. Once...

7.4 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/15 3:0 p.m. 40 views

Three Common Questions (and Answers) About Next-Gen AV

Most organizations with traditional, or legacy, antivirus (AV) solutions are well aware that they are no longer protected from the more advanced tactics and threats of attackers today. Signatures just can’t keep up with emerging threats. But that doesn’t mean that everyone is ready to dive head fir...

0.2 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/14 9:32 p.m. 94 views

New CB LiveOps Release Brings Recommended Queries to Users

Security & IT teams often have no reliable way to check on the current status of their endpoints across their enterprise. This forces these teams to piece together information from multiple management consoles in order to get answers about the health of their entire fleet. Even when they do have...

6.9 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/14 6:13 p.m. 65 views

5 Cybersecurity Tips You Need To Know

1. Passwords Passwords should be thought of more as “pass-phrases.” They should be at least 16 characters long, contain uppercase & lowercase letters, numbers, and symbols. Furthermore, you should update your passwords at least every 6 months—although every 90 days is recommended. Additionally,...

0.6 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/14 3:48 p.m. 99 views

CB TAU Threat Intelligence Notification: JCry Ransomware Pretends to be Adobe Flash Player Update Installer

JCry is a new family of ransomware that has the unique characteristic of being written in the Go programming language and being delivered as multiple executables, each with their own purpose. It was pretending to be an Adobe flash player update installer on a compromised website to lure users to...

7.2 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/13 7:8 p.m. 70 views

Evolving Threat Hunting with the MITRE ATT&CK Framework at CB Connect

Evolving Threat Hunting with the MITRE ATT&CK Framework – Join me at CB Connect San Diego! There are a number of techniques you can use to uncover security gaps leveraging the MITRE ATT&CK matrix. At CB Connect San Diego, our annual user conference June 4-5th, I will be speaking on “How to Evolve Yo...

Exploits: 0
Carbon Black Blog
added 2019/05/09 8:25 p.m. 131 views

Carbon Black Leaders Share the Best Advice They’ve Ever Received From Their Moms

Mother’s Day is on May 12 and right around the corner! In honor of all mothers and mother-figures, members of Carbon Black's leadership team shared advice and personal stories about the impact their mothers made on their own lives and careers. Victor Baez, VP of Worldwide Channel “Troubles come a...

Exploits: 0
Carbon Black Blog
added 2019/05/09 5:58 p.m. 150 views

fn_fuzzy: Fast Multiple Binary Diffing Triage with IDA

Summary This week at HITBSecConf, Takahiro Haruyama, a Senior Threat Researcher for the CB Threat Analysis Unit (TAU), presented his work on fn_fuzzy, a tool which aims to help researchers and reverse engineers triage samples quicker. This blog post details the motivation for and current standing of...

7.4 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/09 5:0 p.m. 66 views

Excerpts from “5 Questions for Eric O’Neil—the FBI “ghost” who brought down a Russian Mole”

Eric O’Neill serves as Carbon Black’s national security strategist where he is a thought leader on a wide range of issues including counterterrorism and national security matters. Prior to this, he was an operative for the FBI, where he conducted national security field operations against...

0.4 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/09 3:0 p.m. 69 views

CB Customer Spotlight: Q&A with University of Tennessee Health Science Center’s Ammar Ammar

For years, Ammar Ammar had been working his way across the IT landscape in various roles, but it was an interest in security that made him take a different step in his career path. That change led him to his current role as an IT Security Analyst at the University of Tennessee Health Science Cent...

7.2 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/08 5:0 p.m. 104 views

8 Live Queries That Will Speed Up Your Next PCI Audit

It’s no secret that kicking off any kind of compliance audit can be a slow, tedious project. This is especially true when it comes to performing a pre-assessment gap analysis for PCI-DSS. Ask any qualified security assessor (QSA), and they’ll tell you that the data gathering, scoping, and gap...

0.1 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/08 4:35 p.m. 72 views

“There Are No Hackers, There Are Only Spies”

In December 2015, I opened a letter from the Office of Personnel Management. The OPM oversees healthcare and insurance programs, administers retirement and benefit services, and assists federal agencies in hiring new employees and providing federal investigative services for background checks. Th...

7.3 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/07 3:27 p.m. 34 views

What Does it Mean to Connect?

"Bring together or into contact so that a real or notional link is established." or "Join together so as to provide access and communication." -The Oxford English Dictionary I have been to too many security events. 🙂 So many, in fact, that sometimes they blend together. CB Connect, however, is no...

7.2 AI score
Exploits: 0
Carbon Black Blog
added 2019/05/02 5:0 p.m. 48 views

Gray Day: My Undercover Mission To Expose America’s First Cyber Spy

Who is Eric O’Neill? Eric O’Neill serves as Carbon Black’s national security strategist where he is a thought leader on a wide range of issues including counterterrorism and national security matters. Prior to this, he was an operative for the FBI, where he conducted national security field...

7.3 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/29 5:30 p.m. 35 views

CB Customer Spotlight: Q&A with Netflix DVD’s Jimmy Sanders

Recently we sat down with Jimmy Sanders, VP of Information Security at Netflix DVD, to talk about his upcoming presentation for CB Connect, Carbon Black’s customer conference. Sanders was one of the headliners at CB Connect 2018, and this year he will be speaking to his peers in the Security...

6.8 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/24 7:43 p.m. 83 views

CB TAU Threat Intelligence Notification: Emotet Utilizing WMI to Launch PowerShell Encoded Code

Carbon Black recently learned that a customer had received a malicious email, which was written in German and was attached with a password-protected zip file that contained a malicious document file. This phishing email belongs to the recent Emotet campaign. However, what makes this malware uniqu...

2.7 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/23 1:0 p.m. 22 views

Partner Perspectives: Blending Analytics with Endpoint Detection and Response Better Defends the Modern Worker

Ryan Stolte is the co-founder and CTO for Bay Dynamics. There are clearly many reasons why Endpoint Detection and Response (EDR) has materialized into such a hotbed of interest, investment and emerging best practices - endpoint security must continually evolve within the context of threats and...

Exploits: 0
Carbon Black Blog
added 2019/04/22 4:50 p.m. 129 views

CB TAU Threat Intelligence Notification: HopLight Campaign (Linked to North Korea) is Reusing Substantial Amount of Code

On April 10, 2019 the US Department of Homeland Security (DHS) released a Malware Analysis Report (MAR-10135536-8) which detailed the trojan HopLight. HopLight has been linked to different North Korean (DPRK) campaigns also known as the Lazarus Group. The CB Threat Analysis Unit (TAU) has continued to...

0.4 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/16 3:38 p.m. 110 views

CB TAU Threat Intelligence Notification: Danabot Trojan Targets Financial Services Industry via Stolen Credentials

Summary Danabot is a banking trojan written in the Delphi programming language. Delivery methods are typically via phishing emails that contain malicious attachments, which further call out to download the main payload using PowerShell or VBScript. Danabot is modular in nature and has capabilitie...

3.9 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/16 2:16 p.m. 52 views

Partner Perspectives: Accelerated Alert Handling from Syncurity and Carbon Black

JP Bourget is the Founder and CSO of Syncurity. One of the key Security Orchestration, Automation and Response (SOAR) use cases I see every day is alert handling. As more and more organizations adopt EDR solutions, like those offered by Carbon Black, Syncurity IR-Flow is able to speed up the alert...

7.2 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/15 5:6 p.m. 62 views

Mirai Rebirth Highlights Importance of Defending IoT

Editor’s Note: Sam Bocetta, a guest author on the Carbon Black blog, is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography. Enterprises of all sizes face a massive challenge when it come...

0.1 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/11 9:54 p.m. 177 views

Attack Madness: The “Final Four” Cyber Threats According to Security Professionals

In the spirit of March Madness, we’re evaluating the type of cyberattacks that most concern our community of security experts. When approximately one million cyberattacks are attempted per day, this “madness” takes on a whole new level for organizations looking to protect themselves against the...

0.4 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/11 6:9 p.m. 72 views

Carbon Black Report Finds Tax Fraud & “Identity Theft On Demand” Continuing to Take Shape on the Dark Web

While online sales of identity and banking information have both been easily accessible to malicious actors for a decade or more, there has been a recent maturation in the dark web economy focused on tax identity theft. Carbon Black’s recent research into various marketplaces on the dark web foun...

6.7 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/11 3:0 p.m. 45 views

Top 10 Benefits that Make Upgrading to the PSC a Priority

If you are running either of Carbon Black’s on-premise products (CB Response & CB Protection), you are already seeing the benefits of a strong endpoint security solution. With something this effective already in place, why would you need to consider moving to a cloud platform? The answer is twofold...

7 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/09 4:6 p.m. 335 views

Steganography in the Modern Attack Landscape

Steganography (the hiding of data in other content types such as images, videos, network traffic etc.) continues to play a role in modern attacks in several forms. Most uses of steganography in malware can be divided into two broad categories: concealing the actual malware contents and concealing t...

7.4 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/09 2:24 p.m. 35 views

Partner Perspectives: Level Up your EDR Capabilities with Deception-Based Threat Detection from Carbon Black and Smokescreen

Amir Moin is a Product Manager for Smokescreen. All security teams eventually run into the same fundamental problems - low network visibility, overworked security analysts, and breaches that put them on the nine o’clock news. Traditional security solutions are primed toward giving security teams ...

0.1 AI score
Exploits: 0
Carbon Black Blog
added 2019/04/08 5:29 p.m. 44 views

Can You Handle the Cyber Threats Coming in 2019?

I never thought I’d long for the days when Pikachu and Anna Kournikova worms were thriving. But back then, cyber attacks caused chaos, but not significant damage. Fast forward to 2019 and the threat landscape has changed. Now attackers are out to do significant damage to your company. This damage...

Exploits: 0
Total number of security vulnerabilities: 849