We are happy to announce the release of 3 new targets, specifically protecting against Drive-By attacks. In a drive-by attack, web sites are used as malware droppers. The targets include manually identified domains, as well as domains identified by running known botnet domain generation algorithms. These 3 new targets are built for users to choose the level of protection that accommodates their needs.
The 3 new targets are:
- Driveby Domains- Blocks domains known to host Exploit Kits. Available in standard mode.
- Driveby Domains (Paranoid) - Blocks domains known to host Exploit Kits. This Target has a whitelist that includes known sites (like Google and Yahoo in different geographic TLDs) and URL shorteners. Available in standard mode.
- Driveby Domains (Super Paranoid) - Blocks domains and sub-domains known to host Exploit Kits. This target white-lists only the top 100 most known sites. No sub domains are whitelisted and false positives might be high. Sites such as mail.google.com could be blocked, as well as even lesser known major sites. Available only in Expert mode.
If you are not currently subscribed to the ThreatSTOP DNS FW and cannot add these new targets, you can upgrade by contacting us at 1-855-958-7867 or firstname.lastname@example.org.