Tag: VMware Carbon Black

Read the original article: Busting the Myths of Remote Workforce Security This is part of our ongoing conversation about the worldwide challenges of working remotely. To stay up-to-date on the latest insights, refer to our live page for COVID-19: Cybersecurity…

Read more →

Read the original article: Busting the Myths of Remote Workforce Security This is part of our ongoing conversation about the worldwide challenges of working remotely. To stay up-to-date on the latest insights, refer to our live page for COVID-19: Cybersecurity…

Read more →

Read the original article: Predicting the Future of the SOC Analyst I’ve been a SOC Analyst for four years now and was a desktop support engineer before that. When I first started as a SOC Analyst it was an exciting…

Read more →

Read the original article: ‘Modern Bank Heists’ Threat Report Finds Dramatic Increase in Cyberattacks Against Financial Institutions Amid COVID-19 This marks the third edition of the Modern Bank Heists report, which takes an annual pulse of some of the financial…

Read more →

Read the original article: Bringing Intrinsic Security to Containers: VMware Announces Intent to Acquire Octarine Today is a very exciting day for VMware and for our customers as we announce our intent to acquire Octarine, whose innovative security platform for Kubernetes applications…

Read more →

Read the original article: Kicking off Developer Day 2020 Developer Day 2020 kicks off today with seven on-demand sessions for more than 2,600 registrants. This is the first time Developer Day has been held in a virtual setting and the VMware Carbon Black team is excited to welcome the…

Read more →

Read the original article: Cybersecurity Needs to Go Back to the Basics This is part of our ongoing conversation about the worldwide challenges of working remotely. To stay up-to-date on the latest insights, refer to our live page for COVID-19:…

Read more →

Read the original article: Tips for Securing Remote Work from Homes to Corporate Networks On a recent webinar, Ryan Murphy, a founding team member of VMware Carbon Black, interviewed Cybersecurity Strategists, Tom Kellerman and Rick McElroy on how to work…

Read more →

Read the original article: Tips for Securing Remote Work from Homes to Corporate Networks On a recent webinar, Ryan Murphy, a founding team member of VMware Carbon Black, interviewed Cybersecurity Strategists, Tom Kellerman and Rick McElroy on how to work…

Read more →

Read the original article: Join Us for the Virtual Connect 2020 Conference Every year, VMware Carbon Black Connect brings together some of the best and brightest in security to collaborate on solving today’s most pressing problems and to learn about…

Read more →

Read the original article: Join Us for the Virtual Connect 2020 Conference Every year, VMware Carbon Black Connect brings together some of the best and brightest in security to collaborate on solving today’s most pressing problems and to learn about…

Read more →

Read the original article: Join us for the Virtual Connect 2020 Conference Every year, VMware Carbon Black Connect brings together some of the best and brightest in security to collaborate on solving today’s most pressing problems and to learn about…

Read more →

Read the original article: MITRE ATT&CK Evaluation Demonstrates the Power of the VMware Carbon Black Cloud MITRE has released the results for its latest endpoint detection and response (EDR) product evaluation using its now industry-standard open methodology, the ATT&CK® framework.…

Read more →

Read the original article: MITRE ATT&CK Evaluation Demonstrates the Power of the VMware Carbon Black Cloud MITRE has released the results for its latest endpoint detection and response (EDR) product evaluation using its now industry-standard open methodology, the ATT&CK® framework.…

Read more →

Read the original article: Intrinsic Security Series: Blog 1 (Tom Corn Video) We Need to Change the Structure of Security to Transform Security Tom Corn, Senior Vice President of Security Products at VMware, was recently recorded giving his overview of…

Read more →

Read the original article: Intrinsic Security Series: Blog 1 (Tom Corn Video) We Need to Change the Structure of Security to Transform Security Tom Corn, Senior Vice President of Security Products at VMware, was recently recorded giving his overview of…

Read more →

Read the original article: VMware Carbon Black TAU Threat Analysis: The Evolution of Lazarus On February 14, 2020 the U.S. Department of Homeland Security (DHS) released a Malware Analysis Report (MAR-10271944-1.v1) which provided information about a trojan they referred to…

Read more →

Read the original article: Time for Reflection and Thanks Most of the programs I ran used calendar years for project planning, budgets, etc. I always found November to be a good time to reflect on the progress made, plan for…

Read more →

Read the original article: Amid COVID-19, Global Orgs See a 148% Spike in Ransomware Attacks; Finance Industry Heavily Targeted Cyber criminals often exploit fear and uncertainty during major world events by launching cyberattacks. These attacks are often performed with social engineering campaigns…

Read more →

The sudden and dramatic shift to a mobile workforce has thrust video conferencing into the global spotlight and evolved video conferencing vendors from enterprise communication tools to critical infrastructure. During any major (and rapid) technology adoption, cyberattackers habitually follow the…

Read more →

Recently, I spent two weeks traveling across Europe talking with defenders, reporters, and leaders of security programs. While each country faces its own unique challenges and has its own needs, there were a few themes that were consistently present. (Threat…

Read more →

NetWire, an information stealing RAT that dates back multiple years, has been witnessed in the wild recently using a tactic of combining Windows shortcut link files and AutoIt scripts. These scripts pose as BitTorrent files, a protocol used for direct…

Read more →

(Editor’s Note: Gary Stevens, a technology writer, is posting as a guest author to carbonblack.com) Despite the global COVID-19 response and current recommendations for social distancing, institutions, enterprises and businesses still need to function and maintain all necessary operations where…

Read more →

Novel Coronavirus (COVID-19) has thrust personal safety and security into the public’s consciousness in an unprecedented way. Families, employees and global businesses have been forced to upend their lives to make their respective communities healthier and more resilient.  Our collective response to COVID-19 is critical to…

Read more →

Thank you to everyone who applied for the vExpert Security sub-group and thank you to the vExpert PRO’s for doing their part in this process. We are pleased to announce the list of 2020 vExperts Security. Each of these vExperts…

Read more →

This is part of our ongoing conversation about the worldwide challenges of working remotely. To stay up-to-date on the latest insights, refer to our live page for COVID-19: Cybersecurity Community Resources.  As organizations around the world transition to remote work en masse, cybersecurity professionals are focused on securing their workforces more than ever. Continued business productivity should not come…

Read more →

It’s no secret that the way the world works has shifted since COVID-19 came on the scene. Operations are going remote and, for many government and federal agencies, this is new territory. This novelty is compounded by the fact that…

Read more →

According to the World Health Organization:  “Burn-out is a syndrome conceptualized as resulting from chronic workplace stress that has not been successfully managed. It is characterized by three dimensions: feelings of energy depletion or exhaustion increased mental distance from one’s job,…

Read more →

The VMware Carbon Black team has a mission to keep your entire organization safe from cyber attacks. To deliver on this for today’s landscape, the Carbon Black Cloud platform has added malware prevention for Linux to bring the entire protection…

Read more →

Novel Coronavirus (COVID-19) has thrust personal safety and security into the public’s consciousness in an unprecedented way. Families, employees and global businesses have been forced to upend their lives to make their respective communities healthier and more resilient.  Our collective response to COVID-19 is critical to…

Read more →

Overview APT29, also known as The Dukes or Cozy Bear, is a cyberespionage group active since at least 2008. It’s believed that the group operates either under the Russian Foreign Intelligence Service (SVR) or the Russian Federal Security Service (FSB).…

Read more →

I’ve learned a ton of lessons over my years in the InfoSec world. I’ve made a lot of the right calls, but also a bunch of wrong ones. One of the lessons I have learned is how to operate in…

Read more →

When a crime is committed, one of the first things the police do is collect evidence from any security cameras nearby, and these days, cameras are everywhere. That’s a model that federal agencies want to apply to cybersecurity. This constant…

Read more →

Security is a team sport, or at least it should be. Given the constant behavior evolution we see from attackers and the vast IT footprint attackers can target, IT and security teams clearly face an uphill battle. Whereas attackers only…

Read more →

In light of the latest update to the MITRE ATT&CK framework, Red Canary has developed a Threat Detection Report uncovering the top techniques attackers use to target your organization. To understand the significance of the report, we turned to two…

Read more →

Novel Coronavirus (COVID-19) has thrust personal safety and security into the public’s consciousness in an unprecedented way. Families, employees and global businesses have been forced to upend their lives to make their respective communities healthier and more resilient.  Our collective response to COVID-19 is critical to…

Read more →

Novel Coronavirus (COVID-19) has thrust personal safety and security into the public’s consciousness in an unprecedented way. Families, employees, and global businesses have been forced to upend their lives to make their respective communities healthier and more resilient.  A key…

Read more →

Novel Coronavirus (COVID-19) has thrust personal safety and security into the public’s consciousness in an unprecedented way. Families, employees, and global businesses have been forced to upend their lives to make their respective communities healthier and more resilient.  A key…

Read more →

With COVID-19’s spread, there have been numerous recommendations from health authorities and experts that one of the best, first-level measures to help spread infection is to wash hands with soap and water thoroughly for 20 seconds. In recent days, we’ve…

Read more →

Novel Coronavirus (COVID-19) has thrust personal safety and security into the public’s consciousness in an unprecedented way. Families, employees and global businesses have been forced to upend their lives to make their respective communities healthier and more resilient.  Our collective response to COVID-19 is critical to…

Read more →

If this year’s 2020 Cybersecurity Outlook Report taught us anything, it’s that defenders are seeing an increasing amount of defense evasion techniques in their environments. It’s crucial for security teams to have the granular visibility they need to spot malicious…

Read more →

Novel Coronavirus (COVID-19) has thrust personal safety and security into the public’s consciousness in an unprecedented way. Families, employees and global businesses have been forced to upend their lives to make their respective communities healthier and more resilient.  Our collective response to COVID-19 is critical to…

Read more →

The endpoint detection and response (EDR) market is not only more critical than ever, it is also going through the biggest period of innovation in its history – bigger than when EDR was first introduced by Carbon Black 7 years…

Read more →

In security, 2016 was “The Year of Ransomware.” Since then, ransomware has only gotten more pervasive, costing billions in damages. In that vein, 2019 could have been referred to as “The Year of Ransoming Governments.” More than 70 state and…

Read more →

In 2019, roughly 45 million healthcare records were breached in the United States. With ransomware as their go-to technique, cyber attackers are targeting healthcare providers, medical devices, and critical supply chains more than ever before. The latest Osterman Research report,…

Read more →

In 2019, attacker behavior evolved, becoming more evasive. The most common behaviors seen across all attack data—mapped to the MITRE ATT&CK™ Framework—were: Software Packing for Defense Evasion, Hidden Windows for Defense Evasion, Standard Application Layer Protocol for Command and Control…

Read more →

In 2019, attacker behavior evolved, becoming more evasive. The most common behaviors seen across all attack data—mapped to the MITRE ATT&CK™ Framework—were: Software Packing for Defense Evasion, Hidden Windows for Defense Evasion, Standard Application Layer Protocol for Command and Control…

Read more →

We’re excited to share that the VMware Security Products Team and Carbon Black is announcing a new Security vExperts program. If you’re not familiar with vExperts, the program is designed to recognize individuals who are passionate about sharing their knowledge…

Read more →

Last week VMware Carbon Black attended the RSA Conference 2020 in San Francisco! This year was bigger than ever before, as we shared our vision for intrinsic security — for a safer, more effective world. Get all the highlights and…

Read more →

Having been in the industry for longer than I care admit, I have seen the growth pre and post public internet.  With that growth, there have been many changes with how organizations address the balance of IT Operations and Security,…

Read more →

FTCODE is a fully PowerShell-based ransomware. It is distributed via malicious document files that contain macros or using VBScript to download and launch the malicious PowerShell script. FTCODE ransomware will scan a specific list of file extensions and encrypt them…

Read more →

In case you missed it, we are excited to release our latest report from the VMware Carbon Black Threat Analysis Unit (TAU), the “2020 Cybersecurity Outlook Report”. In the search for clarity in the modern attacker vs. defender battle, it’s…

Read more →

As mentioned in the first blog in this series, Melanie, a performance engineer at VMware Carbon Black, built both baseline and investigative tests for the engineers that develop and maintain the company’s reputation services. Here’s a deeper look at these…

Read more →

(**Editor’s Note: **Sam Bocetta, a guest author on the VMware Carbon Black blog, is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyber warfare, cyber defense, and cryptography.) In today’s digital environment,…

Read more →

This year at the RSA Conference, VMware will be highlighting our vision for Intrinsic Security, a safer, more effective security built into the fabric of the various infrastructure control points that are vulnerable to attack (endpoint, identity, network, cloud, workload). …

Read more →

In two previous blogs, VMware Carbon Black software engineers discussed how important it was to maintain a balance of latency, scale, and cost as they built out and enhanced the company’s reputation services. They also provided some insights into the…

Read more →

In two previous blogs, VMware Carbon Black software engineers discussed how important it was to maintain a balance of latency, scale, and cost as they built out and enhanced the company’s reputation services. They also provided some insights into the…

Read more →

This year at the RSA Conference, VMware will be highlighting our vision for Intrinsic Security, a safer, more effective security built into the fabric of the various infrastructure control points that are vulnerable to attack (endpoint, identity, network, cloud, workload). …

Read more →

The importance of cybersecurity in the context of the democratic process has become undeniable—with nation-state hackers setting their sights on elections as effective vehicles for attack, disruption, and social unrest. Christopher Wray, the Director of the FBI, testified to Congress…

Read more →

Summary The VMware Carbon Black Threat Analysis Unit (TAU) previously released a blog post documenting the Winnti version 4.0 malware. The new command and control (C2) protocol that was implemented in one of the 4.0 samples was completely different from…

Read more →

Today’s world is dramatically different than even five years ago. Ransomware attacks, which used to make global headlines, are now commonplace. Cybercriminals—who have historically targeted large enterprises—are now also setting their sights on state and local governments. New, sophisticated cyberattacks…

Read more →

Today’s world is dramatically different than even five years ago. Ransomware attacks, which used to make global headlines, are now commonplace. Cybercriminals—who have historically targeted large enterprises—are now also setting their sights on state and local governments. New, sophisticated cyberattacks…

Read more →

As the cybersecurity world advances, organizations are starting to change their approach to security. More and more teams are moving to the cloud to maximize their endpoint protection and simplify their security stack. Using VMWare Carbon Black’s Cloud platform, our…

Read more →

At VMware Carbon Black, we’re excited to continue exploring our approach to Intrinsic Security. What what does “intrinsic security” mean, and how does it help enhance and support an organization’s existing security stack?  Truly, there has never been a more challenging nor exciting time in cybersecurity. Sophistication…

Read more →

Following our initial reporting of this threat, Carbon Black’s Threat Analysis Unit (TAU) has continued following the Shlayer family of malware and monitoring changes adopted by this campaign. Although detection by antivirus vendors has improved over the past year, the malware authors continue to release new…

Read more →

Ryuk Ransomware has been crippling both the public and private sector recently with the ability to disrupt its target environment. The ransomware will typically be dropped by an already compromised system that has been infected by Trickbot or Emotet through…

Read more →

Imagine waking up in the morning, flipping on your light switch and nothing happens.  The natural human response is to flip the switch a few more times before realizing something is wrong.  You jump out of bed and notice the…

Read more →

MailTo is a ransomware variant that has recently been reported to have been part of a targeted attack against Toll Group, an Australian freight and logistics company. This ransomware makes no attempt to remain stealthy, and quickly encrypts the user’s…

Read more →

[As you may have seen in Part One of this blog, one of our engineering teams at VMware Carbon Black was tasked with building a Unified Binary Store (UBS) that would increase operational efficiencies and serve as a centralized source…

Read more →

MITRE recently conducted its second ATT&CK exercise in their ongoing annual series of Endpoint Security Efficacy testing and evaluation. This test focuses on assessing the behavioral capabilities of multiple endpoint security vendors against a simulated adversary, based closely around well-documented, real-world…

Read more →

A new enterprise targeting ransomware named ‘SNAKE’ was recently discovered. Similar to the other variants of ransomware, it will stop numerous processes or services such as antivirus software and perform the deletion of volume shadow copies to ensure all the…

Read more →

A new enterprise targeting ransomware named ‘SNAKE’ was recently discovered. Similar to the other variants of ransomware, it will stop numerous processes or services such as antivirus software and perform the deletion of volume shadow copies to ensure all the…

Read more →

BraunAbility is a mobility vehicle company committed to improving access and transportation for the world’s wheelchair community. Driven by a strong corporate culture of doing right by their customers and communities, providing advanced security has become an essential pillar of…

Read more →

During the end of the year 2019, a ransomware named ‘Snatch” was discovered. Snatch ransomware will force Windows to reboot in Safe Mode (where most of the software and system drivers will not be running) in order to perform the…

Read more →

Several different events in the Middle East (ME) region have escalated in the last several weeks between Iran and the United States.  After a series of  military operations between the two countries, several alerts were released from the U.S. government…

Read more →

In early January 2020, a new ransomware named ‘SatanCryptor’ was discovered. After it performs file encryption, it will drop a ransom note named “# SATAN CRYPTOR #.hta” and append ‘.satan’ as a file extension to the encrypted files. In addition,…

Read more →

Several different events in the Middle East (ME) region have escalated in the last several weeks between Iran and the United States.  After a series of  military operations between the two countries, several alerts were released from the U.S. government…

Read more →

During the end of the year 2019, a ransomware named ‘Snatch” was discovered. Snatch ransomware will force Windows to reboot in Safe Mode (where most of the software and system drivers will not be running) in order to perform the…

Read more →

In early January 2020, a new ransomware named ‘SatanCryptor’ was discovered. After it performs file encryption, it will drop a ransom note named “# SATAN CRYPTOR #.hta” and append ‘.satan’ as a file extension to the encrypted files. In addition,…

Read more →

This week, as part of its monthly patch Tuesday release, Microsoft disclosed an important security vulnerability (CVE-2020-0601) affecting millions of Windows 10 and Windows Server 2016 & 2019 systems. More specifically, this vulnerability is a result of the way Windows…

Read more →

Like most technology companies, VMware Carbon Black has a combination of acquired and built technologies that all utilize their own data stores. As our products have evolved to include the benefits of a centralized cloud offering, our data stores needed…

Read more →

Recently, security researchers revealed a Proof of Concept attack that leverages the BlueKeep vulnerability. Whenever this type of news breaks on the twittersphere, organizations are left with the question: “Are we susceptible to this type of attack?” Using CB LiveOps,…

Read more →

Team Riptide was tasked with creating an environment for our developers that removes operational burdens. We wanted to provide them with infrastructure, best practices, automation, and self-service tooling so that they could focus on innovation. The result is an internal…

Read more →