<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

Author Archives:francisturner

Recent Posts

New OpenSSH Vulnerability

new vulnerability has been found on OpenSSH which is used by almost all Linux/BSD distributions, as well as many network infrastructure devices to allow SSH connectivity. The vulnerability applies to any SSH device that allows for user/password logins as opposed to shared keys.  And, from my quick review of the vulnerability, it seems to be common on almost every device that has not had password logins specifically disabled. The vulnerability allows an attacker to attempt many thousands of passwords for a user, instead of the default 3-6, before being blocked.

Read More

Share this:

Important updates to the TS Critical target list

As with many other people in the cybersecurity world, ThreatSTOP received notification today about a spear phishing campaign using some of the zero day vulnerabilities leaked from “Hackinged Team” at the beginning of the month. ThreatSTOP is happy to report that we are blocking the IOCs in that notification for all our customers who use either the TSCritical Target List or the Lists that include it – BASIC or BOTNETS - in their firewall policy.

Read More

Share this:

Ramifications of the Anthem hack

The Anthem hack has been getting a lot of news coverage because it is one of the larger data breaches in recent years. Of course it is in fairly good company (Sony, Home Depot, Target spring to mind) but it has some features that are unique. These features mean that the impact on those whose data was stolen is probably less than some other hacks, but that doesn't mean people can relax.

Read More

Share this:

ThreatSTOP blocking Shellshock (Bash) scanners

Over the last 36 hours ThreatSTOP has identified a number of hosts that are attempting to scan for (and then exploit) the Shellshock bash vulnerability. We are actively identifying these miscreants through (failed) attacks against our servers, detection by our honeypots, and data received from malware researchers we work with.

Read More

Share this:

ThreatSTOP adds active Heartbleed attacker list to our feeds

Over the last 36 hours ThreatSTOP has identified a number of hosts that are attempting to scan for the Heartbleed* openSSL vulnerability. This is due to data received from from malware researchers we know as well as visitors to some honeypots we set up ourselves. These addresses have been added to a new expert mode target list called "Heartbleed" as well as to our standard mode "unix server" target list.

Read More

Share this:

ThreatSTOP not vulnerable to Heartbleed

The Heartbleed vulnerability* has burst into public consciousness and generated a lot of justified concern that login information and other confidential data may have been at risk because of it.

Read More

Share this:

ThreatSTOP blocking Heartbleed

It looks like ThreatSTOP has been protecting our service provider customers from the Heartbleed vulnerability* for some time now.

Read More

Share this:

Blocking Neutrino EK and Ponmocup Droppers

ThreatSTOP and DNS Firewall Blocking Two New Malware Types

ThreatSTOP has started blocking two new varieties of malware for our subscribers and those of our OEM partner Infoblox.

Read More

Share this:

Blocking Cryptolocker Ransomware

ThreatSTOP and DNS Firewall block Cryptolocker

Stop extortion by cybercriminals using IP and Domain Name reputation.

ThreatSTOP has started blocking a new variety of malware called "cryptolocker" for our subscribers and those of our OEM partner Infoblox. Cryptolocker is a new and widely spreading form of "Ransomware" that encrypts files on an infected Windows computer and any networked file systems it has access to.

Read More

Share this:

ThreatSTOP blocking new OSX/Morcut malware

As noted by The Register and other places, there's a new cross-platform vulnerability out that installs via a piece of Java that does a check for "Windows or Mac" and then installs the malware suitable for the platform.

Read More

Share this:

Home Page

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter