Demo: Hunting the Sony Wiper Malware, ‘Destover,’ Using Carbon Black


There has been a lot of coverage about the malware known as Destover. Several hashes have been released by US-CERT, the FBI and other organizations. This blog examines how you can look for this malware and its indicators of compromise…

Screenshot Demo: Detecting Banking Trojan “Dyre/Dyreza” with Bit9 + Carbon Black

By: February 9, 2015

Within the last year, a new banking trojan has begun targeting large enterprises and major financial institutions. The malware, called “Dyre” or “Dyreza,” is typically spread through spam or phishing emails. If Dyre evades detection, the malware grabs sensitive user…

It’s Time We Move from “Threat-Hunting” to “Risk-Hunting”

By: February 2, 2015

It’s an unprecedented time to be in the world of cyber defense. Malicious actors are becoming more aggressive both in scope and frequency. The public is asking why they need a new credit card every month. The President is saying…

NSA Best Practices Now Include Application Whitelisting

By: January 26, 2015

The Information Assurance Directorate of the National Security Agency/Central Security Service recently released a new document titled Defensive Best Practices For Destructive Malware. The document clearly states a concise overall strategy for preventing malware: “Prevent, Detect, and Contain.” Forgive my…

Security Zen: The Path to Security Isn’t Always Black and White

By: January 22, 2015

Please don’t tell anyone, but on some systems I used to administer a long time ago, I let “warez dudez” hang out on a couple of my file servers. (No, I did not use any of their warez.) This was…

Following Poweliks Strike, Custom Bit9 Rule Offers Key Insight and Blocks Infection

By: January 21, 2015

I love to hear stories about how our customers use our products. I previously wrote about a global services firm that used Bit9 to connect the dots to get to the bottom of an Internet Explorer exploit. This same company…