UPDATE: A rapid config concerning the ongoing SolarWinds breach has been posted here: https://community.carbonblack.com/t5/Threat-Research-Docs/Upcoming-SolarWinds-Breach-Rapid-Configs-Deployment/ta-p/99400 Summary FireEye recently disclosed a successful supply chain management attack...
Detecting Svchost Deviations Preface This article discusses some ideas and existing detections for threat hunting anomalous svchost behaviors. This is not intended to be the end-all be-all, but meant to spur discussions around additional threat hunting queries. Background ...
The following article details and delineates the VMware Carbon Black Threat Research owned and updated feeds featured in VMware EDR and Enterprise EDR (CB Response and CB ThreatHunter, respectively). Third-party feeds that are not maintained or modified by VMware Carbon Black will not be discussed...
Thank you to those who responded to our Threat Reports survey for CB Response and CB ThreatHunter (VMware EDR and VMware Enterprise EDR, respectively)! Your feedback is very valuable in shaping our detection engineering. We have read through your suggestions, and will incorporate them into our...
The coronavirus (COVID-19) has created an unprecedented shift in the workplace, exposing unique security challenges for companies that need to maintain business continuity while driving a massive shift to a remote workforce. We invite you to join us on May 13-14 at Connect 2020, a virtual...
The VMware Carbon Black Cloud provides many powerful new capabilities to organizations. With the advantage of including Defense, LiveOps, and ThreatHunter watchlist capabilities in a single agent, it reduces overall endpoint agent bloat and provides rich telemetry, prevention, and...
Vidar InfoStealer - Malware Analysis TAU-TIN: https://community.carbonblack.com/t5/Threat-Research-Docs/TAU-TIN-Vidar-InfoStealer/ta-p/69668 Vidar is an info-stealer trojan that was sold under the name Vidar Pro stealer and can be distributed through different campaigns. This...
I know what you're thinking... very creative name selection :) Today, we’re announcing an open source script our Cb Response customers can leverage to automatically generate MITRE ATT&CK Navigator heat map files. This heat map allows organizations to measure and visualize ...
Carbon Black Security Bulletin Overview When Carbon Black becomes aware of security-related issues in its products and services, a security bulletin is issued. This document describes the Carbon Black security bulletin approach, including: scope, naming convention, distribution...