US House Unanimously Passes Email Warrant Bill

The US House has passed a bill to repeal a Reagan-era law allowing law enforcement to request copies of emails and data older than 180 days. The 1986 email privacy law was written to establish electronic documents older than six months as abandoned. This allowed the government to consider the data 'garbage' and request copies of it from service providers without a warrant.

May 26: SANS "What Works" with Hillsborough Community College

John Pescatore of the SANS Institute will be interviewing ThreatSTOP customer Ken Compres of Hillsborough Community College on May 26 at 1:00 pm Eastern for a "What Works" webinar on the ThreatSTOP Shield platform.

FBI Pays $1 million to ??? to Crack iPhone

The Washington Post reported today that the FBI paid a one-time fee of $1 million to hackers to crack the San Bernardino shooter's phone. The article goes on to say that authorities have not revealed the identity of the hackers.

SANSFIRE 2016 -- See ThreatSTOP in Action

SANSFIRE 2016 will be here in just 51 days, according to the official site. This is SANS's national event in Washington, DC, and attracts one of the largest SANS audiences. Mark your calendars: June 11 - 18, 2016.

RockLoader: New Downloader Malware

RockLoader is a new malware downloader that was recently discovered by Proofpoint. This downloader is being used by the same cybercriminals behind Locky ransomware, and is spreading a number of malware variants in addition to the notorious ransomware. These include the Dridex 220 botnet trojan, as well as Kegotip and Pony, two malware variants used to steal information.

Senate Floats Encryption Bill (Ack)

Just as WhatsApp began offering end-to-end encryption for its one billion plus users that effectively prevents anyone--including law enforcement--from reading users’ messages, members of the Senate floated the first draft of a bill aptly named the “Compliance with Court Orders Act of 2016.” The bill seeks to require compliance with court orders for data.

XTBL Ransomware aka Shade and Troldesh

XTBL Ransomware, also known as Shade and Troldesh, is a crypto-ransomware variant originally created in Russia and used in attacks all over the world. XTBL encrypts a user’s files with an “.xtbl” extension, and is mainly spread via spam e-mails.

Locky Ransomware Domains - Followup Analysis Uncovers 130 New Indicators

Recently, there has been a lot of buzz over a flourishing ransomware that goes by the name of Locky, which encrypts a victim's data using strong RSA-2048+AES-128 encryption and then demands between 0.5 and 2 bitcoins for the decryption of that data.

Nymaim Trojan Blocks Access and Threatens Jail Time

Discovered in 2013, the Nymaim Trojan is malware most notorious for its functionality as ransomware. Once installed, the Nymaim ransomware blocks all access to the victim's computer, displaying a full-screen message declaring that the victim's computer was blocked and that they face years of jail time and thousands of Euros in fines unless they pay a supposed police 'fine' through an online payment service.
