849 matches found

Carbon Black Blog
added 2019/01/30 4:10 p.m., 63 views

How a Dedicated Focus on Clarity Can Relieve Disorganization, Distraction and Confusion in Infosec

clar·i·ty /ˈklerədē/ noun: the quality of being coherent and intelligible. "For the sake of clarity, each of these strategies is dealt with separately." Synonyms: lucidity, lucidness, clearness, perspicuity, intelligibility, comprehensibility, coherence. It’s been three years on th...

AI score: 7.2
Exploits: 0

Carbon Black Blog
added 2019/01/30 4:0 p.m., 69 views

CB Customer Spotlight: Q&A with Ritter Insurance Marketing’s Dan McLellan

Dan McLellan is a Network Support Specialist at Ritter Insurance Marketing, and uses the Carbon Black community to increase his security knowledge and share information with his colleagues. Having access to insights from other security professionals has not only shortened the time he spends tryin...

AI score: 7.1
Exploits: 0

Carbon Black Blog
added 2019/01/29 4:10 p.m., 97 views

TAU Threat Intelligence Notification: BlackRouter Ransomware

According to the article from BleepingComputer, BlackRouter Ransomware was being promoted as a Ransomware-as-a-Service on Telegram by an Iranian developer. BlackRouter Ransomware will append ‘.BlackRouter’ as file extension to the encrypted file. In addition, it will attempt to delete volume shad...

AI score: 6.6
Exploits: 0

Carbon Black Blog
added 2019/01/29 2:29 p.m., 47 views

How CB LiveOps Helps with Incident Response

Security and IT Operations teams often have no reliable way to assess the current state of endpoints across their enterprise, leading to increased risk of breach, inability to make informed remediation decisions, and unnecessary spending on infrastructure maintenance. A real-time endpoint query a...

AI score: 0.6
Exploits: 0

Carbon Black Blog
added 2019/01/29 2:17 p.m., 51 views

Partner Perspectives: Beyond SIEM: Carbon Black + JASK Connected

Oren Arar is the Head of Alliances for JASK. The real-time integration of JASK & Carbon Black provides high-value alerts and extended contextual investigation insights to our joint customers, all within a cloud-native environment. Background The JASK Autonomous Security Operations Center ASOC...

AI score: 1
Exploits: 0

Carbon Black Blog
added 2019/01/28 5:58 p.m., 72 views

5 Questions to Ask About Your Security People in a World Saturated by Security Tools

Definition of tool - 1a: a handheld device that aids in accomplishing a task b1: the cutting or shaping part in a machine or machine tool 2: a machine for shaping metal : MACHINE TOOL 2a: something such as an instrument or apparatus used in performing an operation or necessary in the practice of ...

AI score: 7.2
Exploits: 0

Carbon Black Blog
added 2019/01/28 3:57 p.m., 326 views

TAU Threat Intelligence Notification: PPID Spoofing – Explorer CLSID

Summary: Popular Attack Surface Reduction bypasses allow adversaries to hinder threat hunting activities by spoofing Parent Process ID. PPID to PID relationships have always been a key indicator of compromise, and removing these conditions leads to a false sense of security. Upon investigation its bee...

AI score: 1.8
Exploits: 0

Carbon Black Blog
added 2019/01/24 7:58 p.m., 225 views

Carbon Black TAU & ThreatSight Analysis: GandCrab and Ursnif Campaign

Summary Analysis conducted by Andrew Costis, Cathy Cramer, Emily Miner and Jared Myers. The Carbon Black ThreatSight team observed an interesting campaign over the last month. ThreatSight worked with the Threat Analysis Unit TAU to research the campaign. This report is being released to help...

AI score: 7.3
Exploits: 0

Carbon Black Blog
added 2019/01/23 3:1 p.m., 58 views

Carbon Black Global Threat Report: ‘The Year of the Next-Gen Cyberattack’

In 2016, fileless attacks such as PowerWare and the alleged hack against the Democratic National Committee DNC stole sensitive information and global headlines. In 2017, WannaCry, NotPetya and BadRabbit demonstrated ransomware’s global ubiquity. Then, as we kicked off 2018, the Spectre and Meltdo...

AI score: 0.3
Exploits: 0

Carbon Black Blog
added 2019/01/23 1:0 p.m., 40 views

Partner Perspectives: The Speed of Prevention – eSentire + Carbon Black

Editor's Note: This blog originally appeared on eSentire.com. Let’s start with a brief history lesson. In September 2016, eSentire and Carbon Black™ announced a strategic partnership in conjunction with launching esENDPOINT built on CB Response to augment our market-leading Managed Detection and...

AI score: 0.3
Exploits: 0

Carbon Black Blog
added 2019/01/22 5:35 p.m., 88 views

How CB LiveOps Helps with Vulnerability Assessment

Security and IT Operations teams often have no reliable way to assess the current state of endpoints across their enterprise, leading to increased risk of breach, inability to make informed remediation decisions, and unnecessary spending on infrastructure maintenance. A real-time endpoint query a...

AI score: 0.2
Exploits: 0

Carbon Black Blog
added 2019/01/18 2:55 p.m., 225 views

TAU Threat Intelligence Notification – WindTail (OSX)

Summary Dark Matter researcher Taha Karim recently presented his research on the APT group WindShift at Hack in the Box Singapore. This group primarily focuses on highly targeted campaigns directed toward Middle Eastern government and commercial entities. One of the custom macOS backdoors employe...

AI score: 0.1
Exploits: 0

Carbon Black Blog
added 2019/01/18 2:43 p.m., 199 views

TAU Threat Intelligence Notification – MongoLock Ransomware

Summary The new variant of MongoLock Ransomware will delete users’ files immediately instead of encrypting them. Upon execution, MongoLock will scan specific locations such as Desktop, Documents, or Recycle Bin Folders, then delete files and format the local disk drives. The following is the list...

AI score: 6.8
Exploits: 0

Carbon Black Blog
added 2019/01/17 4:24 p.m., 99 views

TAU Threat Intelligence Notification – Crypt0r Ransomware

Summary Crypt0r ransomware is a new strain of ransomware that operates similar to WannaCry and NotPetya. When executed, it first checks for a hardcoded mutex value, and if it isn’t found, creates it as “crypt0r-mutex”. It then retrieves the temporary path of the currently logged in user, and...

AI score: 7
Exploits: 0

Carbon Black Blog
added 2019/01/16 4:7 p.m., 73 views

Partner Perspectives: Awake Security and Carbon Black Deliver Comprehensive Threat Detection and Response

Rudolph Araujo is the Vice President of Awake Security. Even relatively unsophisticated attackers today use tools, tactics and techniques that make them difficult to uncover. For instance, the use of non-malware tools, such as PowerShell, psexec and Python, places a burden on security teams to...

AI score: 0.6
Exploits: 0

Carbon Black Blog
added 2019/01/10 4:12 p.m., 12 views

TAU Threat Intelligence Notification: Israbye Wiper

Summary Israbye is a disk wiper first discovered by a researcher in August 2017, as reported by Bleeping Computer. A newer sample has since been discovered, which appears to timely coincide with a recent news story that references the Al-Aqsa mosque. This mosque is also referenced within the...

AI score: 1
Exploits: 0

Carbon Black Blog
added 2019/01/10 3:57 p.m., 95 views

TAU Threat Intelligence Notification: Israbye Wiper

Summary Israbye is a disk wiper first discovered by a researcher in August 2017, as reported by Bleeping Computer. A newer sample has since been discovered, which appears to timely coincide with a recent news story that references the Al-Aqsa mosque. This mosque is also referenced within the...

AI score: 1.2
Exploits: 0

Carbon Black Blog
added 2019/01/09 3:1 p.m., 43 views

TAU Threat Intelligence Notification: LamePyre (OSX)

Summary MalwareBytes researcher Adam Thomas recently discovered a malicious MacOS application masquerading as the chat app Discord that they have named “LamePyre." Although it is made to look like a typical application installer, it does not attempt to appear legitimate by running a decoy install...

AI score: 0.6
Exploits: 0

Carbon Black Blog
added 2019/01/07 5:27 p.m., 130 views

TAU Threat Intelligence Notification: Djvuu Ransomware

Summary Djvuu ransomware is believed to be a newer variant of the “Stop” ransomware strain, which was seen circulating in the early part of 2018. There are also similarities to the Goren-B trojan originally reported by Sophos back in 2016. Djvuu is likely to be delivered through phishing e-mail...

AI score: 6.7
Exploits: 0

Carbon Black Blog
added 2019/01/07 3:52 p.m., 78 views

How CB LiveOps Helps with IT Hygiene

Security and IT Operations teams often have no reliable way to assess the current state of endpoints across their enterprise, leading to increased risk of breach, inability to make informed remediation decisions, and unnecessary spending on infrastructure maintenance. A real-time endpoint query a...

Exploits: 0

Carbon Black Blog
added 2019/01/03 6:0 p.m., 84 views

Top 5 Threat Hunting Myths: “Threat Hunting Is Just a Fad”

The cybersecurity landscape is in a constant state of change and, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, but when. In today’s world, attackers intentionally look normal to evade automated defenses. With the rise of ransomware, fileless and...

AI score: 6.8
Exploits: 0

Carbon Black Blog
added 2019/01/02 3:42 p.m., 81 views

3 Infosec Reflections to Kick off 2019 & Finally Shift the Balance of Power Back to Defenders

Wow. It's already 2019. Talk about a year in 2018 that flew by! I won’t spend this entire blog talking about 2018 but, needless to say, a lot happened in 2018 and it doesn’t look to slow down anytime soon. This time of year, I like to stop and reflect on the previous year and think about moving...

AI score: 7.3
Exploits: 0

Carbon Black Blog
added 2018/12/31 6:46 p.m., 92 views

CB Customer Spotlight: Q&A with Kaas Tailored’s Joe Mrazik

For the past eight years, Joe Mrazik has taken on the role of Network Administrator for Kaas Tailored, protecting the company’s endpoints with CB Defense. Kaas Tailored is an aerospace and furniture manufacturing company that supplies parts to aerospace companies like Boeing. Read on to learn how...

AI score: 7
Exploits: 0

Carbon Black Blog
added 2018/12/21 2:3 p.m., 87 views

Cybersecurity Skills Gap: “There’s No Silver Bullet to Solving the Problem” & Other Takeaways From the Toronto Global Forum

Last week, I ventured up to the beautiful city of Toronto — and while I’d love to go back for pleasure, this trip was strictly business. The Toronto Global Forum is an international conference that brings together heads of states, central bank governors, ministers and global economic decision...

Exploits: 0

Carbon Black Blog
added 2018/12/20 4:0 p.m., 59 views

Untainted By Design: How Our MITRE ATT&CK Results Demonstrate the Resilience of Carbon Black

I started my career in cybersecurity 10 years ago as a Technical Operations Officer in the US Intelligence Community, where I had a first-hand view into the most sophisticated ongoing cyber operations in the world. One thing was always clear: attackers always found ways to stay a step ahead of th...

AI score: 0.2
Exploits: 0

Carbon Black Blog
added 2018/12/19 3:7 p.m., 71 views

BLITZ! Like a Great Middle Linebacker, An Agile & Strong EDR Solution Can Quickly Respond to an Offensive Attack

As we near the close of 2018, we should appreciate that cyberspace has become an increasingly hostile landscape. Geopolitical tensions are manifesting in cyberspace and cyber criminals have become increasingly punitive this year. We at Carbon Black have observed some interesting trends: Vapor Worm...

AI score: 7.4
Exploits: 0

Carbon Black Blog
added 2018/12/18 6:0 p.m., 90 views

Top 5 Threat Hunting Myths: “Threat Hunting Is Too Expensive”

The cybersecurity landscape is in a constant state of change and, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, but when. In today’s world, attackers intentionally look normal to evade automated defenses. With the rise of ransomware, fileless and...

AI score: 6.8
Exploits: 0

Carbon Black Blog
added 2018/12/12 3:55 p.m., 72 views

Top 5 Threat Hunting Myths: “Threat Hunting Isn’t Worth My Time”

The cybersecurity landscape is in a constant state of change and, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, but when. In today’s world, attackers intentionally look normal to evade automated defenses. With the rise of ransomware, fileless and...

AI score: 6.9
Exploits: 0

Carbon Black Blog
added 2018/12/11 7:0 p.m., 50 views

Forrester Finds Carbon Black’s Predictive Security Cloud to have 261% ROI

Your endpoints are one of the most targeted assets in your organization—in 2017 alone, more than 50% of organizations experienced a data breach of some kind.1 At Carbon Black, we understand this risk, and are committed to providing the best possible endpoint protection. In order to demonstrate...

AI score: 0.1
Exploits: 0

Carbon Black Blog
added 2018/12/11 5:40 p.m., 63 views

Partner Perspectives: Insight on Turla PNG Dropper

Editor's Note: This blog originally appeared on NCC Group's website. This is a short blog post on the PNG Dropper malware that has been developed and used by the Turla Group 1. The PNG Dropper was first discovered back in August 2017 by Carbon Black researchers. Back in 2017 it was being used to...

Exploits: 0

Carbon Black Blog
added 2018/12/11 4:38 p.m., 64 views

Proper File Integrity Monitoring Critical in Light of Big Breaches & Regulatory Pressure

In light of the recent mega data breaches that have plagued our market over the last year, and the continued escalation of attempted cyberattacks against critical systems during peak periods i.e. the retail sector POS and payment systems, reported in the Carbon Black Threat Analysis Unit TAU...

Exploits: 0

Carbon Black Blog
added 2018/12/06 2:0 p.m., 71 views

Partner Perspectives: Put Access Control in Context with ClearPass and Carbon Black

Paul Kaspian is a Senior Product & Solutions Marketing Manager for Aruba, a Hewlett Packard Enterprise company. Strengthen your security defenses by considering endpoint context in access control decisions. As enterprise security continues to evolve, organizations are constantly deploying new...

AI score: 1
Exploits: 0

Carbon Black Blog
added 2018/12/06 1:31 p.m., 35 views

CB ThreatHunter: Now Available on the CB Predictive Security Cloud (PSC)

Today Carbon Black is announcing the general availability of CB ThreatHunter, our newest offering on the CB Predictive Security Cloud PSC, which delivers powerful threat hunting and incident response IR capabilities on the same platform. The release of CB ThreatHunter marks the fourth service...

Exploits: 0

Carbon Black Blog
added 2018/12/05 6:0 p.m., 81 views

Top 5 Threat Hunting Myths: “Threat Hunting Is Too Complicated”

The cybersecurity landscape is in a constant state of change and, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, but when. In today’s world, attackers intentionally look normal to evade automated defenses. With the rise of ransomware, fileless and...

AI score: 6.7
Exploits: 0

Carbon Black Blog
added 2018/12/05 3:12 p.m., 71 views

NRCC Email Hack Highlights Lack of Visibility & Proactive Threat Hunting at Political Organizations

Earlier this week, Politico reported that the National Republican Congressional Committee NRCC suffered a major attack prior to the 2018 U.S. midterm elections, with thousands of sensitive emails from four senior aides exposed to an outside intruder. While the impact of this breach is still...

AI score: 0.3
Exploits: 0

Carbon Black Blog
added 2018/12/04 6:0 p.m., 75 views

A Way Forward

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the CB Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...

AI score: 7
Exploits: 0

Carbon Black Blog
added 2018/12/04 3:43 p.m., 84 views

6 Security Tips to Consider While You Travel

Following the “8 Ways to Avoid the Cybersecurity Grinch” blog post, it seems like a follow-up is in order given the recent Marriott Breach disclosure. It is important to note that when we travel, similar to when we shop, we are putting our trust in the organizations we are dealing with during our...

AI score: 7.2
Exploits: 0

Carbon Black Blog
added 2018/12/03 7:45 p.m., 52 views

Using the L.U.R.E. Method to Swim Free of Phishing Attacks

baitfish noun bait·​fish | \ˈbāt-ˌfish \ Definition of baitfish : a small fish such as a golden shiner or menhaden that attracts and is a food source for a larger game fish also : a fish used for bait Think about being in a school of fish for a second. Schools behave the way they do for a reason...

AI score: 6.8
Exploits: 0

Carbon Black Blog
added 2018/11/30 3:30 p.m., 93 views

Why I’m Ecstatic About the MITRE ATT&CK Results

Yesterday, MITRE published the results of its first public evaluation of endpoint detection & response EDR vendors based on its increasingly-popular ATT&CK framework. The ATT&CK evaluations are a new approach to EDR testing - open, sophisticated, rigorous, and reflective of the real world. We...

AI score: 0.1
Exploits: 0

Carbon Black Blog
added 2018/11/29 6:0 p.m., 79 views

Top 5 Threat Hunting Myths: “EDR Is Threat Hunting”

The cybersecurity landscape is in a constant state of change and, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, but when. In today’s world, attackers intentionally look normal to evade automated defenses. With the rise of ransomware, fileless and...

AI score: 6.7
Exploits: 0

Carbon Black Blog
added 2018/11/29 6:0 p.m., 75 views

Discovering Design Principles

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the CB Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...

AI score: 7.2
Exploits: 0

Carbon Black Blog
added 2018/11/29 3:12 p.m., 73 views

8 Ways to Avoid the Cybersecurity Grinch This Holiday Season

'Tis the season to be jolly…unless you work in cybersecurity. According to the Carbon Black Threat Analysis Unit TAU, organizations should expect to see a spike in potential cyberattacks starting with Black Friday/Cyber Monday and continuing through the holiday shopping season. TAU’s analysis...

Exploits: 0

Carbon Black Blog
added 2018/11/29 2:0 p.m., 53 views

Partner Perspectives: Notes from the Field: Extending Carbon Black Visibility to Undetected Malware

Daniel LaVoie is a Senior Solutions Specialist at ReversingLabs. On a recent customer visit, I asked the company’s Director of Security Operations how ReversingLabs came to be deployed as a part of their SOC tool set. The answer was quite interesting, and one that I wanted to share with our blog...

AI score: 0.7
Exploits: 0

Carbon Black Blog
added 2018/11/27 6:0 p.m., 95 views

Building Better Evaluation Criteria for Linux Security

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the Cb Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...

AI score: 7
Exploits: 0

Carbon Black Blog
added 2018/11/20 6:0 p.m., 64 views

Flaws in Evaluating Security Tools for Linux

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the Cb Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...

AI score: 7
Exploits: 0

Carbon Black Blog
added 2018/11/19 3:44 p.m., 93 views

6 Signs of Successful Threat Hunting

When a threat hunting program is established by an organization, their goal is to proactively hunt threats, with a focus on newer, more sophisticated attacks for which reliable signatures or indicators are not yet available. Bonus: Check out the "Top 5 Threat Hunting Myths" However, without an...

AI score: 0.2
Exploits: 0

Carbon Black Blog
added 2018/11/15 6:0 p.m., 97 views

Re-designing Linux Security: Do No Harm – Introduction

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the Cb Predictive Security Cloud, Carbon Black's consolidated endpoint security platform, helps enterprises cut cos...

AI score: 6.8
Exploits: 0

Carbon Black Blog
added 2018/11/15 2:0 p.m., 47 views

Partner Perspectives: Collaborate and Consolidate with King & Union and Carbon Black

Peter Prizio Jr. is the Senior Product Manager for King & Union. One of the biggest challenges facing security organizations today is dealing with the overwhelming number of alerts received each and every day. A staggering 27 percent of IT professionals report receiving more than one million aler...

AI score: 0.6
Exploits: 0

Carbon Black Blog
added 2018/11/14 6:25 p.m., 67 views

Small Business Benefits of Moving to the Cloud: Resource Friendly

Small businesses never seem to have enough people or funding, and the last thing they need is for their security solution to be eating up precious resources. Your people are stretched thin and don’t really have time or budget to source new hardware or push software updates. Not to mention the...

AI score: 1.1
Exploits: 0

Carbon Black Blog
added 2018/11/13 6:9 p.m., 60 views

Cb Customer Spotlight Series: Q&A with Integral’s Sean McFeely

Featuring Sean McFeely, Sr. Information Analyst at Valvoline’s Integral Defense This year at Cb Connect 2018, we had our first ever Developer Day to recognize our vibrant partner and developer ecosystem. We had an amazing group of 100 developers attend, culminating in a hackathon. Sean McFeely, S...

Exploits: 0

Total number of security vulnerabilities: 849