
Under the Hood: How ThreatSTOP Protects Against WannaCry

 

One of the key features of the ThreatSTOP platform is the ability to tailor a security policy to meet specific operational objectives. In a broad sense, this is done by selecting the policy components, such as botnets or banking Trojans, but another powerful tool is the application of User Defined Lists (UDLs) to the customer security policy. Using UDLs, our customers can use ThreatSTOP DNS Firewall to identify machines infected by WannaCry ransomware that are latent because of the accessibility of the “kill switch” domains.


OilRig: Another Attack Wave Hits

Another attack wave directed at Israeli organizations was reported by Morphisec and Palo Alto Networks on April 27th. OilRig was initially discovered in May 2016, after two attack waves targeting financial institutions and technology organizations in Saudi Arabia were detected. OilRig is attributed to an Iranian APT cyber group; its name stems from the Farsi word "Nafti" (Oily), which was also hardcoded into a number of analyzed malware samples discovered in 2016.


SambaCry Vulnerability Announced, Patches Released

On 26 May 2017, Samba.org, in cooperation with SerNet, released a security advisory for all versions of Samba.


Bi-Weekly Security Update 5/25/17


Enhancing Protection Against Tor

In the past week, we decided to enhance the protection we offer via our Anonymous Networks target, and discussed the use of VPN and Tor to bypass network security. Until today, we primarily blocked only Tor exit nodes. However, we decided that this target should block not only exit nodes, but also guard and middle relays. Here, we explain how Tor works and what changes were made to the target.


Mo EK Domains, Mo Security Mo Better

Our Security team, working diligently to keep your data safe, has added more Exploit Kit (EK) sources to our Driveby Domains target. We are happy to announce the addition of domains from the BlackHole Exploit Kit.


ThreatSTOP Tools & Action For Visibility Fighting Ransomware & WannaCry

Protecting and empowering our valued customers is always a top priority at ThreatSTOP. Today, we're taking additional action to deliver better protection and greater visibility related to the WannaCry ransomware attack.


Operation Cloud Hopper Jumps Into View

Operation Cloud Hopper, uncovered by researchers at BAE Systems and PwC, was a cyberespionage campaign by APT10 (also known as Red Apollo and the menuPass Team) that targeted IT managed service providers (MSPs) in order to steal their clients' corporate data.


This Past Weekend Made All of Us WannaCry

On May 12th, an outbreak of a new ransomware named WannaCry (aka WannaCrypt, WCry) took place. This ransomware spread wildly in a short amount of time, infecting over 100K victims in over 99 countries by exploiting the MS17-010 vulnerability. The following image from the live infection map demonstrates how big the impact of this campaign has been over the past 24 hours.


Bi-Weekly Security Update 5/11/17


Malicious Content Identified and Inserted:


ThreatSTOP & Reposify Partner to Stop DDoS Attacks from Infected IoT Devices & Services

Cyber Security Startups Combine Threat Data & Real-Time Policy Delivery Platform to Address Huge Gap in Cybersecurity.

Knock-Knock! Who’s There? ... NoTrove.

 

Internet-based advertising has been in wide use since the early 21st century. Its popularity grew in 2010 with the development of programmatic advertising (also referred to as automated advertainment). Here, you pay per ad view, a model that can be maliciously misused by counting machines and bots as actual viewers. Additional types of malicious use include accumulating web traffic and selling it to web traffic brokers, or engaging this traffic in semi-malicious programs like PUP (Potentially Unwanted Programs).


Targets for Inbound Attacks & Whitelisting Major Services in Policies

We are happy to announce the release of a new Blacklist target for our IP Firewall service.


Use of VPN and Tor Traffic Allows Corporate Security Bypassing

 

We’ve all been bored at work, that’s a given. We don’t have a need to go crashing through the brush looking for our next meal and that leaves our brains with a bunch of extra cycles to spend on life in the modern world. That means our personal lives, our jobs, and what to have for lunch.


New DGA Targets for DNS Firewall Policy

ThreatSTOP’s Security Research Team has been busily tracking down new threat sources and compiling publicly shared data from multiple research teams. The result is our New Domain Generation Algorithm (DGA) target collection.
