Blog Threat Alert: #BadRabbit Correlations & Enrichment on TruSTAR

Threat Alert: #BadRabbit Correlations & Enrichment on TruSTAR

We’re seeing relevant activity on our platform related to Bad Rabbit ransomware. If you’re interested in enrichment data look no further. 

What we know:

On Tuesday, the security community began tracking a new outbreak of ransomware called BadRabbit. This ransomware has infected hundreds of computers—mostly in Russia, but with some victims in Ukraine, Turkey, Bulgaria, and Germany—according to security firms including ESET and Kaspersky.

• Researchers are seeing similarities between BadRabbit and Petya/NotPetya, even though the infection vector is different. The outbreak remains only a small fraction of the size of the NotPetya epidemic.

What we’re seeing on TruSTAR:

• A number of reports with IOC’s and context for BadRabbit are now available on TruSTAR.

• As more information is available we will be tracking any overlap between NotPetya infrastructure and BadRabbit.


What you can do:

• Log into TruSTAR and download IOC’s from BadRabbit submissions.

• You can also search for “BadRabbit” to view reports related to this campaign and download associated IOC’s.

• Follow a BadRabbit report and get notified of additional activity. 

We’re collecting more IOC’s and relevant context on a daily basis. Submit reports and update them regularly to enhance contextual data. Don’t hesitate to reach out with questions or concerns to the TS Responder team. We’ll be watching closely.

Intelligence Management and Gartner's SOAR: Thinking About Workflow First Gartner's Security Orchestration Automation and Response (SOAR) market category was announced in November 2017, and since then we've seen numerous ... Read More
CISO Panel on Intelligence Fusion: A New Era of Cybersecurity TruSTAR recently sat down with two seasoned CISOs from the financial sector to talk about the converge of security data and the emergence of Fusion ... Read More
The Rise of the Enterprise Intelligence Officer - Panel Discussion With Former CIA and AT&T Read More
TruSTAR Industry Talks: Scoping Out the Security Space with Darktrace, Trustwave, Bugcrowd and Avast At RSA 2018, TruSTAR co-founder Patrick Coughlin had the opportunity to moderate a series of panels in partnership with The Wall Street Journal and ... Read More