Bi-Weekly Security Update 3/15/2017

 

Malicious Content Identified and Inserted:

  • IPs – 3680
  • Domains – 603

Target List Content Updated:

  • TSCritical
  • TSRansomware
  • TSPhishing
  • TSBanking
Read More

Share this:

EITest – The Long Living Campaign

EITest is a campaign initially discovered in 2014 by Malwarebytes. It distributes malware (that uses iframes) through a flash file on a compromised site, followed by exploitation through an Exploit Kit. In the past, this campaign was used to distribute malware including Cerber, CryptoMix, CryptoShield, Gootkit and the Chthonic banking Trojan, all using various types of Exploit Kits.

Read More

Share this:

3 New Targets Protecting Against Drive-By Attacks

We are happy to announce the release of 3 new targets, specifically protecting against Drive-By attacks. In a drive-by attack, web sites are used as malware droppers. The targets include manually identified domains, as well as domains identified by running known botnet domain generation algorithms. These 3 new targets are built for users to choose the level of protection that accommodates their needs.


The 3 new targets are:

Read More

Share this:

ThreatSTOP Bi-weekly Security Update

Malicious content identified and inserted:

  • IPs – 3967
  • Domains – 391

Target list content updated:

  • TSCritical
  • TSRansomware
  • TSPhishing
  • TSBanking
Read More

Share this:

Magic Hound Sniffs Out Trouble

 

Magic Hound, as dubbed by researchers at Palo Alto Networks, is a targeted espionage campaign against Saudi Arabian government, energy and technology industries. The campaign utilized a common phishing tactic, embedding macros into Word and Excel documents. If the victim enabled macros on the document, Powershell scripts downloaded additional malware onto their computer, such as the open-source Python RAT, Pupy.

Read More

Share this:

Highlights, Trends & Predictions from RSA 2017

We’re back!


It was a fun, productive week in San Francisco exhibiting and chatting with attendees about our product suite, including the soon-to-be ThreatSTOP family member, Roaming Endpoint.

 

 

Read More

Share this:

ThreatSTOP at RSA 2017

Hello again, San Francisco! We can’t believe it’s already the third day of RSA, but we’ve had a great time exhibiting and talking to attendees and partners about our newest product, Roaming Endpoint. (And our existing products, DNS and IP Firewall Services)

Read More

Share this:

Bi-weekly Security Update 2/15/2017

Malicious content identified and inserted:

  • IPs – 1318
  • Domains – 323

Target list content updated:

  • TSCritical
  • TSRansomware
  • TSPhishing
  • TSBanking
Read More

Share this:

ThreatSTOP Launches New Roaming DNS Protection Service at RSA

The Cyber Security Start Up’s Answer to Roaming Security

CARLSBAD, CA: Feb 8, 2017:  Cyber security company ThreatSTOP announced today a Cloud-based offering that quickly detects and automatically blocks DNS attacks on laptops outside a secured company network, without using external 3rd party DNS servers or requiring a VPN connection. This new SaaS offering, Roaming Endpoint, is ThreatSTOP’s answer to a growing mobile workforce, protecting devices when they leave the corporate network, anywhere and anytime.

Read More

Share this:

Locky Back in Action

Locky, the infamous ransomware plaguing computers worldwide since it was first seen early last year, has recently made a comeback after a severe drop in activity over the holiday season. The Necurs botnet, which is Locky's primary distributor, was offline for the final weeks of 2016, equating to an 81% decrease in the number of Locky attacks.

Read More

Share this: