<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

ThreatSTOP launches built-in ThreatCONNECT Integration

ThreatSTOP is now a ThreatConnect partner, integrating our DNS and IP threat intelligence directly into ThreatConnect's market-leading Threat Intelligence (TIP) and Security Orchestration, Automation, and Response (SOAR) Platform.

Read More

Share this:

Cyber Criminals Upset by New ThreatSTOP - Bandura Integration

In news that's certain to make cyber criminals depressed, but security practitioners joyous, ThreatSTOP and Bandura have developed an integration that builds on the proactive, block-threats-early mantra shared by the two security companies.

Read More

Share this:

From Russia with Love: Selectel hosting some busy, bad IP addresses

In the past week we saw a massive surge in hits on customer logs coming from the IP 45.146.165[.]11. Our security research team checked it out, and found that it has been the launch pad for abnormally large amounts of traffic trying to reach customer machines. On one customer network alone they got over 2 million hits.

Read More

Share this:

MS EXCHANGE ATTACKS: BLOCK ANONYMOUS VPN SERVICES (AND THESE IOCS)

Until two weeks ago, thousands of Microsoft Exchange servers were under attack unknown to anyone. Since Microsoft and other researchers uncovered this severe cyber offensive against various U.S. institutions, organizations have been scrambling to patch the vulnerabilities used in the attack, understand the extent of potential damage, and ensure protection for next time (and there will be a next time). In this blog post, we'll explain how to do exactly that.

Read More

Share this:

New Gafgyt Botnet TOR Variant Targets D-Link and IoT Devices

The Gafgyt IoT botnet has been around for 7 years already, boasting many different variants over time. Also known as BASHLITE, this botnet has become notorious for launching DDoS attacks, making it almost as well-known as famous botnets such as Mirai in recent years. In 2018, two Gafgyt variants were detected, targeting Apache Struts and SonicWall vulnerabilities. Over the next year, Gafgyt started targeting vulnerable internet of things devices, wreaking havoc on gaming servers all over the world.

Read More

Share this:

ThreatSTOP Managed Rules Now Available for AWS WAF

Good news for AWS customers (which is.... a lot of you!)! 

Read More

Share this:

Mitigating The MS Exchange 0-day attacks

HAFNIUM Exchange attack - detecting and mitigating with ThreatSTOP TI

The Microsoft Exchange attack leveraging multiple zero-days has by some accounts been one of the most wide-spread and potentially damaging hacks in history, orchestrated by a group Microsoft has named HAFNIUM. Malicious network activity related to the attack was first detected in January but the full nature and extent of the attack was publicly disclosed only on March 2nd. Active exploitation started around February 26th, primarily targeting U.S. entities. 

Read More

Share this:

ARCHIVES

see all

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter