Blog

Detecting Black Basta Ransomware with ExtraHop NDR (Video)

ExtraHop

February 9, 2023

Black Basta ransomware reportedly compromised 90 organizations in five months, between April and September 2022, with attacks continuing that fall. The speed with which this ransomware moved, combined with its use of double extortion techniques and ability to turn off endpoint detection and response (EDR) solutions, caught the attention of the entire cybersecurity industry.

Watch this short video with ExtraHop expert Josh Snow as he guides you through a Black Basta ransomware attack, from initial access to how it impairs and turns off defenses. He explains how network detection and response (NDR) from ExtraHop Reveal(x) 360 can detect this attack at a variety of stages, from initial access, to reconnaissance, to command and control (C2) and beyond. Josh shows the tactics and techniques Reveal(x) 360 detects, including network privilege escalation, loading backdoors, C2 shell-based beaconing, unusual schedule task, Active Directory (AD) enumeration with BloodHound, and more.

Discover more

NDRRansomwareCybersecurityHow-ToSecurity ThreatsProducts

Explore related articles

Video: How to Use NDR to Detect Malware Threats Like SUNBURST

December 21, 2020

Video from ExtraHop: What we have learned about how the attack works and how NDR is essential to detect threats such as the SUNBURST malware.

CybersecuritySecurity Alerts

Read article

How Reveal(x) Network Detection & Response Makes MITRE ATT&CK Easier

July 2, 2020

Network detection and response (NDR) is a vital tool for broad, deep MITRE ATT&CK Framework coverage. This short post and three minute video shows how Reveal(x) integrates MITRE ATT&CK into threat investigations.

CybersecurityIndustry TrendsSecurity FrameworksNDR

Read article

Threat Investigation Speed Run with ExtraHop Reveal(x)

March 2, 2020

Watch the 2-minute video to see how quickly security teams can detect, investigate, and resolve a threat like ransomware using ExtraHop Reveal(x).

CybersecurityNDRRevealX

Read article

Experience RevealX NDR for Yourself

Schedule a demo

RevealX platform

Deployment

Integrations

Experience NDR

Capabilities

FAQs

Intrusion Detection System

Forensics

Experience NPM

Capabilities

FAQs

Forensics

Solutions

Ransomware Attacks

Advanced Threat Hunting

Threat Detection and Response

Network Forensics and Investigation

Security Hygiene

Cloud Workload Security

Operational Resilience

Troubleshooting and Resolution

Cloud Migration

Cloud Workload Monitoring

Network Forensics

Zero Trust

Multicloud & Hybrid Cloud Security

XDR Strategy

SOC Modernization

Financial Services

Education

Public Sector

Federal Civilian Agencies

Defense and Intelligence

State and Local Government

Why ExtraHop

Customer Stories

News

Careers

Technology Partners

Channel Partners

Managed Service Providers

Service Credits

Resident Experts

Deployments

Customer Community

Technical Support

Education Services

C-Level

Security Threats

Company

Products

How-To

NDR

NPM

Ransomware

Zero Trust

Reports

Demos & Videos

Customer Stories

Webinars

Papers & E-books

Data Sheets

Experience NDR

Capabilities

FAQs

Intrusion Detection System

Forensics

Experience NPM

Capabilities

FAQs

Forensics

Ransomware Attacks

Advanced Threat Hunting

Threat Detection and Response

Network Forensics and Investigation

Security Hygiene

Cloud Workload Security

Operational Resilience

Troubleshooting and Resolution

Cloud Migration