From the Creators of Locky Comes the New Bart Ransomware

A new ransomware variant that debuted this month, rumored to be made by the creators of Locky, has quickly become one to watch out for. Bart ransomware shares a number of characteristics with Locky, which makes the "look and feel" of the two similar, yet it is distinct because of two special traits. The first is the way it isolates victims from their files: instead of using strong asymmetric encryption, like most ransomware variants today, Bart moves the user's files into individual zip archives and applies password protection to each of them. The second is that Bart does not seem to use command-and-control (C&C) servers, but rather relies on a distinct ID for each victim, which will be relayed to the criminals during payment.

Hard Rock Las Vegas POS Hit by Malware; Card Data Stolen

The Hard Rock Hotel & Casino Las Vegas is the latest hospitality target to announce it has been the victim of an attack. Malware on its point of sale (POS) system enabled hackers to siphon off credit card data of an undisclosed number of card holders. According to the Wall Street Journal, “the card-scraping malware identified data including cardholder name, card number, expiration date and internal verification code, in some cases.”

Internet Pioneer Discusses Creation, Expectations and Security of DNS on its 33rd Birthday

Saudi Arabia Slips On This "Oily" Campaign

The OilRig Campaign, so named by Palo Alto Networks because the Persian word for oily ("nafti") was hardcoded into a number of malware samples analyzed, consists of two attack waves against Saudi Arabian organizations beginning in late 2015. This campaign has been seen targeting financial institutions and technology organizations, as well as the defense industry. The malware used in the OilRig Campaign is the Helminth Backdoor Trojan. Earlier attacks in this campaign infected victims using Windows executables disguised as fake job offers, followed by a malware dropper called HerHer.

Cerber Ransomware Gets Stronger, Adds DDoS Capabilities

Cerber ransomware debuted in late February of this year and has already become the third most prevalent ransomware, based on a recent Fortinet statistic. The ransomware is typically distributed via emails containing macro-enabled Word documents, Windows Script Files, or Rich Text Documents. Cerber uses strong, unbreakable encryption and has a number of features that, when combined, make it unique in today's ransomware landscape.

The Long-Awaited End of TeslaCrypt

The notorious TeslaCrypt ransomware has wreaked havoc on victims since its emergence in 2015. In March of this year, Fortinet ranked it as the third biggest player in the ransomware scene, after CryptoWall and Locky. TeslaCrypt was originally used to target gamers by encrypting files of popular games such as League of Legends, Call of Duty, and World of Warcraft. It has since evolved into an extremely powerful ransomware with particularly caustic capabilities, including anti-debugging and anti-monitoring features, string obfuscation, entrenchment, and more.

ThreatSTOP Protects Workloads in Microsoft Azure with New Cloud-based DNS Firewall

DNS Firewall continuously blocks threats and prevents data theft for cloud workloads

See us at Ignite!

Microsoft just released the agenda for Microsoft Ignite, and ThreatSTOP is thrilled to announce our Founder and CEO, Tom Byrnes, will be speaking at the conference.

Infy Malware Comes Out of the Shadows

Over the last decade, the Infy malware family has been active, operating mostly under the radar. It was first discovered in 2015 while being used in attacks on an Israeli industrial target, as well as a U.S. government target. These attacks led to the detection of a whole malware campaign and infrastructure that includes over 40 variants of malware.
