All Products: What configuration needs to be setup to protect against AuKill?
Article ID: 288569
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
Carbon Black EDR (formerly Cb Response)
Carbon Black Hosted EDR (formerly Cb Response Cloud)
Issue/Introduction
What configuration needs to be setup in to protect against AuKill malware?
Environment
- Carbon Black Cloud: All Versions
- EDR (formerly CB Response): All Versions
- App Control (formerly CB Protection): All Versions
Resolution
The Threat Research team has reviewed this and have prepared a document with recommended configurations:
https://community.carbonblack.com/t5/Threat-Research-Docs/TAU-TIN-AuKill/ta-p/118202
https://community.carbonblack.com/t5/Threat-Research-Docs/TAU-TIN-AuKill/ta-p/118202
Additional Information
- Any follow-up questions regarding the document can be shared on the post itself for the TAU-TIN team to address
- The TAU-TIN team regularly publish articles on critical vulnerabilities and how to best prevent attacks. Follow the Threat Research space for the latest updates.
Feedback
Yes
No
Powered by
