ThreatSTOP at RSA 2017

Hello again, San Francisco! We can’t believe it’s already the third day of RSA, but we’ve had a great time exhibiting and talking to attendees and partners about our newest product, Roaming Endpoint. (And our existing products, DNS and IP Firewall Services)

Share this:

Bi-weekly Security Update 2/15/2017

Malicious content identified and inserted:

  • IPs – 1318
  • Domains – 323

Target list content updated:

  • TSCritical
  • TSRansomware
  • TSPhishing
  • TSBanking

Share this:

ThreatSTOP Launches New Roaming DNS Protection Service at RSA

The Cyber Security Start Up’s Answer to Roaming Security

CARLSBAD, CA: Feb 8, 2017:  Cyber security company ThreatSTOP announced today a Cloud-based offering that quickly detects and automatically blocks DNS attacks on laptops outside a secured company network, without using external 3rd party DNS servers or requiring a VPN connection. This new SaaS offering, Roaming Endpoint, is ThreatSTOP’s answer to a growing mobile workforce, protecting devices when they leave the corporate network, anywhere and anytime.

Share this:

Locky Back in Action

Locky, the infamous ransomware plaguing computers worldwide since it was first seen early last year, has recently made a comeback after a severe drop in activity over the holiday season. The Necurs botnet, which is Locky's primary distributor, was offline for the final weeks of 2016, equating to an 81% decrease in the number of Locky attacks.

Share this:

CryptXXX Ransomware Spread Through SoakSoak Botnet: Two Big Actors As One

CryptXXX and SoakSoak are huge threats individually.

Share this:

One Email: Countless Phishing Domains

We often analyze indictors of phishing-related compromise from techhelplist.com. These lists contain a large number of indicators, usually not all related to one campaign, but to countless ones that have already spread before the lists were updated.

Share this:

DGA Updates

wood-cube-473703_1280.jpg

In December, we introduced a target list of more than 20 malware family DGAs provided by our friends over at 360 Research Team. Continuing their great work, we are happy to integrate 7 new malware DGAs:

Share this:

The “TelePort Crew” Evolves from Carbanak

The "Digital Plagiarist" campaign, dubbed by researchers at the tr1adx team, was run by the "TelePort Crew” and appears to be an evolution of the Carbanak cybercrime group. This group is infamous for a large-scale campaign against banks, leading to the 2015 theft of hundreds of millions of dollars and the Carbanak/Anunak malware that targets point of sale machines.

Share this:

Sure, Just a Threat Feed Works. Like Biden Without Ray-Bans.

 

Sure, just any old threat feed will do. Like those one-size-fits-all “I Heart NY” shirts in Times Square. Just like Chipotle without guac (if you’re obsessed with both Chipotle and guac, like me) or Caesar salad with no… dressing. Laverne without Shirley, Biden without Ray-Bans, or maybe the internet without a politically topical meme. I’m going somewhere with this…. I promise.

Share this:

Bi-weekly Security Update

Bi-weekly Security Update

Malicious content identified and inserted:

  • IPs – 960
  • Domains – 1653

Share this: