Where do security professionals draw the line between protecting their company’s network, and delivering a free-range internet experience for their fellow employees? This quandary came up at ThreatSTOP recently, spurred by a support request we received from a customer who posed this very question to himself, his peers, and to us. It got us thinking, and made us wonder what the consensus is among security professionals who constantly wrestle with balancing the scales of security and user friction.
One of the most recent campaigns highlighting the importance of router security is Mirai (The botnet that had large scale attacks by infected IoT devices). Even before this, reports emphasized the importance and vulnerability of these devices. For example, Report by Malware Researcher Kafeine revealed the use of an exploit kit aimed to exploit routers. This method showed Google Chrome users were redirected to a malicious server that loaded code designed to determine router models. (While changing the DNS servers configured to the router)
“Crime as a Service” (CaaS): It’s not just a recently ramped up buzzword, it has actual backing and won't quietly fade into the night anytime soon. It’s a service that has the potential to mature into a larger organizational unit, which is telling of the cyber security issues we’ll be up against in the future.
Received a notice from Infoblox lately?
If you’re a DNS Legacy Firewall customer, you’ve probably gotten a warning to migrate to ActiveTrust by end of January….. or else. However, that’s not the case. The Threat Intelligence/RPZ Feed you’ve been utilizing with Infoblox is a ThreatSTOP powered service and it’s still operational. We’ve also been developing and improving our product, now offering our new, Next Generation DNS Firewall Service to active subscribers without any added charges.
Malicious content identified and inserted:
- IPs – 1625
- Domains – 4562
Target lists updated:
- TSCritical (Domains and IPs)
- TSRansomware (Domains and IPs)
- TSPhishing (Domains and IPs) – New Targets added!
- TSBanking (Domains and IPs) – New Targets added!
The evolving threats targeted at mobile devices and the increasing number of campaigns targeted at financial institutions have joined forces and become a double threat in what have become known as the The Emmental campaign.
Everyone knows you need to block the bad stuff from getting onto your network and calling home to its masters. However, what happens when something good gets incorrectly flagged as malicious? You’ve been hit with a false positive, and in some cases, this can be just as bad as letting something truly dangerous get through.
Banking Malware steals millions of dollars from both personal and business accounts in the United States every year. Personal accounts are insured by federal banking regulations, but businesses are less protected.