Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

4/2/2019
05:25 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Global Incident Response Threat Report (GIRTR) from Carbon Black Details Notable Rise in Island Hopping and Counter Incident Response (IR) Behaviors

Survey finds attackers 'fighting back' against security teams while also targeting supply chains With one of the most robust IR communities in cybersecurity, Carbon Black partners conduct more than one response engagement per day, on average, using Carbon Black software

WALTHAM, Mass., April 02, 2019 (GLOBE NEWSWIRE) -- Carbon Black (NASDAQ: CBLK), a leader in cloud-delivered, next-generation endpoint security, today announced the release of its latest Global Incident Response Threat Report, aggregating key findings from IR partner investigations during the last 90 days.

Click here to download the full report from Carbon Black.

Carbon Black’s 100+ IR partners conducted more than 500 response engagements in 2018 and continue to use Carbon Black solutions in more than one engagement per day, on average. The insights from the GIRTR chronicle Carbon Black partners’ experiences during these critical engagements.

Among the key findings from the report:

  • Half of today’s surveyed attacks leverage “island hopping,” the report noted, meaning attackers are not only after a network, but supply chains as well

  • More than half of survey respondents (56%) encountered instances of counter-incident response in the past 90 days

  • 70% of all attacks now involve attempts at lateral movement, according to the survey results, as attackers take advantage of new vulnerabilities and native operating system tools to move around a network

  • Nearly a third (31%) of targeted victims now experience destructive attacks, the survey noted — an alarming byproduct of attackers gaining better and more prolonged access to targets' environments

"Attackers are fighting back. They appear to have no desire to leave the environment. And they don’t just want to rob you and those along your supply chain. In the parlance of the dark web, attackers these days appear to want to ‘own’ your entire system,” said Tom Kellermann, Carbon Black’s Chief Cybersecurity Officer.

According to the survey results, the financial and healthcare industries remain most vulnerable to destructive attacks, but the threat to manufacturing companies has grown significantly. In the past 90 days, nearly 70% of all respondents saw attacks on the financial industry, followed by healthcare (61%) and manufacturing (59%, up from 41% in the previous report).

The latest GIRTR aggregates qualitative and quantitative input from 40+ Carbon Black IR partners and includes detailed case studies from BTB Security, DarkMatter and Optiv. The report’s goal is to offer actionable intelligence for business and technology leaders, fueled by analysis of the newest threats, and expert insights on how to stop them. This is Carbon Black’s third Global IR report since introducing it in July 2018.

Click here to download the full report from Carbon Black.

About Carbon Black

Carbon Black (NASDAQ: CBLK) is a leader in endpoint security dedicated to keeping the world safe from cyberattacks. The company’s big data and analytics platform, the CB Predictive Security Cloud (PSC), consolidates endpoint security and IT operations into an extensible cloud platform that prevents advanced threats, provides actionable insight and enables businesses of all sizes to simplify operations. By analyzing billions of security events per day across the globe, Carbon Black has key insights into attackers’ behavior patterns, enabling customers to detect, respond to and stop emerging attacks.

More than 5,000 global customers, including 34 of the Fortune 100, trust Carbon Black to protect their organizations from cyberattacks. The company’s partner ecosystem features more than 500 MSSPs, VARs, distributors and technology integrations, as well as many of the world’s leading IR firms, who use Carbon Black’s technology in more than 500 breach investigations per year.

Carbon Black and CB Predictive Security Cloud are registered trademarks or trademarks of Carbon Black, Inc. in the United States and/or other jurisdictions.

Contact
Ryan Murphy, Carbon Black
Senior PR Manager
917-693-2788
[email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Aviation Faces Increasing Cybersecurity Scrutiny
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/22/2019
Microsoft Tops Phishers' Favorite Brands as Facebook Spikes
Kelly Sheridan, Staff Editor, Dark Reading,  8/22/2019
MoviePass Leaves Credit Card Numbers, Personal Data Exposed Online
Kelly Sheridan, Staff Editor, Dark Reading,  8/21/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-6154
PUBLISHED: 2019-08-23
The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect).
CVE-2019-5594
PUBLISHED: 2019-08-23
An Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") in Fortinet FortiNAC 8.3.0 to 8.3.6 and 8.5.0 admin webUI may allow an unauthenticated attacker to perform a reflected XSS attack via the search field in the webUI.
CVE-2019-6695
PUBLISHED: 2019-08-23
Lack of root file system integrity checking in Fortinet FortiManager VM application images of all versions below 6.2.1 may allow an attacker to implant third-party programs by recreating the image through specific methods.
CVE-2019-12400
PUBLISHED: 2019-08-23
In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this im...
CVE-2019-15092
PUBLISHED: 2019-08-23
The webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin 1.3.0 for WordPress allows CSV injection in the user_url, display_name, first_name, and last_name columns in an exported CSV file created by the WF_CustomerImpExpCsv_Exporter class.