All Products: What configuration needs to be setup to protect against Qakbot Ransomware?
Article ID: 288584
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)
Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
Carbon Black EDR (formerly Cb Response)
Carbon Black Hosted EDR (formerly Cb Response Cloud)
Issue/Introduction
What configuration needs to be setup in to protect against Qakbot a.k.a. Qbot/QuackBot/PinkslipBot Ransomware?
Environment
- Carbon Black Cloud: All Versions
- EDR (formerly CB Response): All Versions
- App Control (formerly CB Protection): All Versions
Resolution
The Threat Research team has reviewed this and have prepared a document with recommended configurations:
https://community.carbonblack.com/t5/Threat-Research-Docs/TAU-TIN-Qakbot/ta-p/113460
https://community.carbonblack.com/t5/Threat-Research-Docs/TAU-TIN-Qakbot/ta-p/113460
Additional Information
The TAU-TIN team regularly publish articles on critical vulnerabilities and how to best prevent attacks. Follow the Threat Research space for the latest updates.
Feedback
Yes
No
Powered by
