How do you evaluate Carbon Black Response partners when they all promise the same things? These 7 questions can help guide your assessment.
Everyone, please take a deep breath and say it with me: “Macs are invulnerable to compromise.” Everyone knows that’s true, right? Attacking a Mac is impossible. Okay, well perhaps most of the population thinks that, but we are part of the uber-elite cyber-warriors that know better. All systems are vulnerable. Our Macs only get popped when we want them to, … Read More
Day after day, our Cyber Incident Response Team (CIRT) detects the threat vectors bad guys use to infiltrate organizations. This post will walk through a malware infection that used the Microsoft Sysinternals tool PsExec to attempt lateral movement, host reconnaissance, and network reconnaissance. We’ll show how the OODA loop method can help improve detection speed and accuracy—not only as the threat unfolded, but as our … Read More
The following article originally appeared on the Carbon Black blog. The author, Jimmy Astle, is a senior threat researcher at Carbon Black and a speaker on the upcoming webinar: Testing Visibility to Develop an Innovative Threat Hunting Program. MITRE ATT&CK is arguably one of the best assets available to security professionals who want to dive into the intricacies of detecting and … Read More
The volume of research in the information security community is at an all-time high with researchers chasing zero-days, bug bounties, and ways to bypass new security controls. Despite this wealth of research, not all new techniques catch on. The same way you enjoy listening to your favorite songs, adversaries love to go back and work with their favorite time-tested techniques. … Read More
You’ve heard the buzz around MITRE ATT&CK™ — but how do you apply this broad framework to your security program? We’re excited to kick off a three-part webinar series exploring how top security teams use ATT&CK as a roadmap to mature and expand their threat hunting programs. The first session features John Wunder, MITRE Principal Cybersecurity Engineer, alongside two long-time threat hunting gurus: Phil … Read More