<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

Author Archives:francisturner

Recent Posts

Blocking Cryptolocker Ransomware

ThreatSTOP and DNS Firewall block Cryptolocker

Stop extortion by cybercriminals using IP and Domain Name reputation.

ThreatSTOP has started blocking a new variety of malware called "cryptolocker" for our subscribers and those of our OEM partner Infoblox. Cryptolocker is a new and widely spreading form of "Ransomware" that encrypts files on an infected Windows computer and any networked file systems it has access to.

Read More

Share this:

ThreatSTOP blocking new OSX/Morcut malware

As noted by The Register and other places, there's a new cross-platform vulnerability out that installs via a piece of Java that does a check for "Windows or Mac" and then installs the malware suitable for the platform.

Read More

Share this:

Criminals don't follow the rules

If you are a criminal and trying to steal things then breaking the law in other ways is unlikely to concern you. To me such a statement seems obvious, but apparently it isn’t – and I’m not just talking about cyber-criminals here.

Read More

Share this:

Is there anything in Ukraine except cyber crime?

On the Kaspersky SecureList blog there's an interesting post about recent developments for the SpyEye malware. The blogger explains how SpyEye supports a nice plugin architecture and how he examined an interesting new plugin that downloads a flash plugin for certain banking sites which can then switch on the victim's webcam and stream the data back to the crooks.

Read More

Share this:

ThreatSTOP Blocks Android Malware Drive-By

The Lookout Moble Security blog posted a story about some new Android based malware that seems to be set up as fake driver update. This drive by works the same way as classic ones do on Windows PCs (or Macs with Flashback malware) in that if an Android phone visits the infected website it is redirected a couple of times before ending up at a place where it tries to download a new "update" that users are tricked to install.

Read More

Share this:

The mobile to cloud security challenge

ThreatSTOP is spending the week up in San Francisco at RSA. We will be on the Vyatta booth, #452, showcasing our joint solution for the protection and centralized management of virtual and cloud firewalls.

Read More

Share this:

ThreatSTOP adds support for firewalls with dynamic IPs

I am please to announce a new release of the ThreatSTOP cloud service. With this release we are able to support subscribers whose public IP address changes from time to time. Typically these are subscribers to ADSL services where a new IP address is obtained whenever the ADSL link is reestablished but it may also apply to other internet connectivity types as well. We have added this capability by adding support for specifying a DNS name instead of an IP address when configuring a device. We expect the majority of subscribers to use a dynamic dns service such as dyndns.org or no-ip.com but any dns name can be entered, all that is necessary is that the dns record be updated promptly once the ip address has changed.

Read More

Share this:

ThreatSTOP now supports pfSense and Cisco ISR/IOS firewalls

Just before the Christmas/New Year holidays, ThreatSTOP rolled out support for two new firewall types: the open source pfSense firewall and Cisco's IOS firewall running on its ISR platform.

Read More

Share this:

ThreatSTOP releases new reporting features

This weekend we have put our new log-parsing and reporting code into production. The new code significantly increases our speed of log parsing (by about two orders of magnitude) and it provides a lot more help to help our users research what particular blocked threats were caused by. As product manager I am very pleased to say that it is a massive improvement over the previous stuff but, for our existing users, there are a couple of niggles.

Read More

Share this:

ThreatSTOP blocks new Microsoft Ransomware

This morning I saw various reports of a new type of Ransomware, masquerading as a fake Microsoft warning that your copy of windows is invalid. I had a quick check and was unsurprised to note that ThreatSTOP subscribers were already protected.

Read More

Share this:

Home Page

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter