<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

Bad Domain of the Week: D-D-Don't mess with ddd[.]com

 

The website ddd[.]com claims to be a domain registrant and manager, and even if it is - we definitely wouldn't trust this one. Our Security Research team came across this domain while reviewing customer logs, and saw an unusual amount of communications blocked from this domain.

Read More

Share this:

Yet Another Legitimate Scanner Testing User Patience?

When an IP is in a number of blocklists and it tries to make over 20 Million (yes, you read that right!) connection attempts with our customer devices, it definitely catches our attention. This is exactly what the IP address 89.248.165[.]118 did. Just Memorial Day morning showed around 30K hits in our customer logs from this IP.

Read More

Share this:

Darkside RANSOMWARE Group domains fotoeuropa[.]ro and catsdegree[.]com

This week our Security Research team noticed loads of blocked traffic between ThreatSTOP customer machines and domains recently associated with DarkSide ransomware - the malware behind the Colonial Pipeline shutdown that forced the company to pay $5 million in ransom. The domains - fotoeuropa[.]ro and catsdegree[.]com – logged an accumulative 3.8 million blocked communication attempts in our systems over the last week alone. Almost nothing makes us happier than potential victims saved from malicious threat actors and cyberattack disasters. 

Read More

Share this:

ARCHIVES

see all

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter