An Update on BadRabbit

Please see our notes below on BadRabbit, the latest ransomware threat.

First things first.

We have several measures in place to detect and stop network communications related to BadRabbit. To see if your Sentinel has detected BadRabbit-related traffic, search your Event Activity page for the term, ‘BadRabbit’.

Stay up to date.

That said, analysis of this ransomware is evolving quickly, and it’s important to stay on top of the story. One of the best resources we’ve found is Cisco’s Talos blog: http://blog.talosintelligence.com/2017/10/bad-rabbit.html

Follow on Twitter.

Twitter is a great place to stay on top of issues like this. You can follow us here: https://twitter.com/SentinelIPS and we’ll continue to tweet and retweet anything we deem relevant. You can also follow the #BadRabbit hashtag to see what people are saying about it.

As usual, let us know if you have any more questions.

By | 2018-02-05T05:31:05+00:00 October 26th, 2017|Network Security|Comments Off on An Update on BadRabbit