
Cybercrime Against Healthcare Soars During COVID-19

Healthcare has been one of the industries most severely impacted by the still-menacing COVID-19 virus. The sudden global pandemic created a surge in demand for clinical care, medical equipment, healthcare technologies and, eventually, a solution. All of these and more rely on information technology. From making appointments and delivering healthcare to patients, to using internet-connected medical devices and developing vaccine research, COVID-19 response is vulnerable to cyber attacks on all levels. With the pandemic being by far the most pressing issue today, it comes as no surprise that attackers are exploiting the difficult situation healthcare institutions are facing to wreak havoc and cash in on their struggle.

New Silver Sparrow Malware Infects 30,000 Macs

The new macOS malware strain has infected almost 30,000 devices so far, running on Apple’s new M1 chips. Most instances were detected in the United States, United Kingdom, Canada, France and Germany, though it has been reported that Silver Sparrow has reached Macs in at least 153 countries.

Preventing Phishing, Smishing and Vishing

When reading the names of these attacks out loud, we wouldn’t be surprised if the first thought that comes to mind is “how malicious can attacks with such cutesy names really be?”. Well, phishing is used as the attack vector for 95% of all targeted attacks against enterprise networks, and a single spear phishing attack results in an average loss of $1.6 million according to Security Boulevard. So yeah, phishing is quite a big deal.

But it’s not only classic email phishing that is causing a fuss. The FBI issued a warning last month about voice phishing attacks, also known as “vishing”. In their statement, the FBI shed light on a new wave of cybercriminals “taking advantage of changing environments and technology” during lockdown and other COVID-19 restrictions. In this blog post, we will explain how phishing works across different platforms, how to recognize the attacks and how to make sure you’re protected.

How Long Does an IP Address Stay Infected?

One of the most interesting questions we get asked at ThreatSTOP concerns how long an IP address remains bad once it has been identified as such. Each threat list treats its IPs slightly differently, so the answer is not completely straightforward and varies depending on which list the IP is on. Moreover, many lists do not display specific "first seen" or "last seen" data on each IP address, but rather simply list the currently active IPs (where “active” typically means that they have been identified as bad within the last week or so). Possibly worse for our questioners, some of the threat sources we use are distributed under terms that prohibit us from answering the question.

ThreatSTOP's Hottest Content of the Year

Wondering what our readers were most interested in over the past year? Wonder no more! We've rounded up our most read articles of the year to save you time. Wrapping up the worldwide roller coaster that was 2020, we wish we were feeling a little more nostalgic. Covid-19 came in like a tornado and changed up our daily lives as we knew them. The security industry, accordingly, also had to change mindsets and processes to adjust to a new, distributed-access-focused reality.

The Best, according to you:

Getting to Know all 4 Malware Strains from the SolarWinds Attack

Last month’s uncovering of the SolarWinds supply chain attack caused waves of panic and chatter across the U.S. and all over the world. How did such a widely-used and important software get breached? And are even the supposedly best-protected companies (and their customers) still at risk of compromise? Bit by bit, more information is being discovered about the famous attack we all recently witnessed. It is supposed that Russian nation-state actors are behind the breach that poisoned a SolarWinds software update, delivering the Sunburst backdoor to around 18,000 organizations and companies, including large tech companies such as Microsoft, FireEye and more. Even President Joe Biden is facing pressure from security advisors to urgently address what is being called one of the worst data breaches to ever hit the U.S. government. Since the original headlines outlining the Sunburst supply chain variant, additional malware strains involved in the attacks have also been discovered.

Chinese Hacker Group APT27 Enters the Ransomware Business

New research has discovered a number of ransomware attacks linked to APT27, a hacker group widely believed to be operating from China. A report from Security Joes and Profero has outlined its response to a ransomware incident involving the encryption of several core servers. During their analysis, researchers also found malware samples tied to a DRBControl backdoor campaign from earlier this year, which targeted major gaming companies worldwide. Two Chinese APT groups have been linked to the campaign: APT27 and Winnti.

Awesome New Password Protection Feature Added to Chrome

At ThreatSTOP we are unapologetic security geeks, and we also happen to be security minimalists. In fact, we think anyone passionate about The Cybers aims to maximize protection with the fewest tools. Why? Because tools break, they have vulnerabilities, they cost money, they require care and feeding, etc. Is it crazy to think you can secure a network really well with only ThreatSTOP, a firewall, a DNS server, and good password hygiene? Heck no, that's not crazy. What is crazy is that a huge percentage of businesses (skewing to SMB of course) don't even check those minimums off the security must-have list, while lots of companies conversely have become collectors, with a SOC that looks like a virtual RSA tradeshow. So while we daydream about a future where enterprises don't have either zero or 70 different security products that aren't playing nice together, check out our favorite new tool (hah!) for managing passwords:

Google has announced a ton of new password protection features this week after releasing Chrome 88. The new browser version provides users with an easy shortcut to identify weak or compromised passwords and quickly change them. The new key icon will appear under your profile avatar, and clicking it will begin Google’s check for weak passwords. If found, the browser will immediately alert you and offer a one-click password change. Chrome 88 will also let users manage and update multiple passwords in the same place. This feature is currently available for desktop and iOS versions, and will be available for the Android Chrome app soon. Google has already seen a 37% reduction in compromised credentials in 2020 based on the Chrome Safety Check features and other improvements made last year. Today, Chrome’s safety check is used 14 million times every week.

BOTNETS 101: INFAMOUS BOTNETS OF THE 21ST CENTURY

A botnet is a distributed network consisting of many compromised internet-connected devices, which are controlled by a centralized botmaster, and are utilized to perform synchronized tasks. Each infected machine is called a bot, and together their power is used to carry out various attacks. Botnets are usually created via malware infections, which gain persistence on the machines and “recruit” them to the botnet. Some of these malware variants can even self-propagate through networks, infecting many devices via one network entry point. The bandwidth amount “taken” from each bot is relatively small, so that the victim will not realize that their device is being exploited, but when thousands or even millions of machines are simultaneously instructed to perform a joint, targeted attack, the damage can be immense.

Although we are used to thinking of botnets as a collection of computers, these networks can be comprised of various types of devices – personal computers, laptops, mobile devices, smart watches, security cameras, and smart house appliances.

Our Security Research Team has created a timeline of the most famous, dangerous and costly botnets of the century. Download the timeline here, or check it out at the bottom of this post.

FBI WARNS: HACKERS WREAKING HAVOC THROUGH HOME SECURITY DEVICES

In a public service announcement last week, the FBI warned residents with camera and voice-capable smart devices that hackers are targeting them with swatting attacks that stem from stolen email credentials. Swatting is an attack in which ill-meaning attackers make a fake emergency call to the police, calling law enforcement and S.W.A.T teams into action on a fake premise. The hoax call usually mentions an immediate life threat so that law enforcement will scramble to arrive ASAP and in full force. This type of attack causes damage on both sides of the dangerous prank – police, who are taken away from other critical tasks, and homeowners whose hacked devices were used for the call, who are left confused and shaken or worse. Some health-related and even violent consequences of these situations have also been reported.
