Nao_sec provides cyber security research dedicated to Exploit Kits. In campaigns that include Exploit Kits, landing pages with malicious code are used in an attempt to exploit a specific vulnerability on the victim's device.

We are happy to announce that we have incorporated Google, YouTube and Bing Safe Search option simply by adding the new targets to your policy. Safe Search is a feature that acts as an automated filter of pornography and potentially offensive content. It is possible to enforce safe search filters by modifying DNS queries so, for instance, safe search will be always on for YouTube. Using that Safe Search is now available via the ThreatSTOP platform. To enable it on your DNS all you have to do is add the relevant list to your policy and the DNS Defense Will automatically do the rest for you. The new targets available to add are:

Photo Credit: LuckyStep48, Getty Images

In the past few years, we’ve seen a radical shift from traditional paradigms in transactions. With the emergence of blockchain, decentralized peer-to-peer transactions have replaced typical financial arrangements and revolutionized the financial world. In a few short years, the landscape for financial institutions has radically changed. Yet, the surface has barely been scratched in the ways blockchains can disrupt other entrenched industries. Enterprises have two choices, adopt the blockchain or be left in the stone age. The question is, why should your security program be any different?

Photo Credit: republica

Recently, we learned that it seems authorities have identified our friend, Guccifer 2.0. The main mechanism for this is that through Guccifer 2.0’s frequent communications via Twitter and ProtonMail, on one occasion he neglected to notice he was not connected to his favorite VPN service, Elite VPN. This means authorities were able to get his actual IP address when he was communicating openly while engaging in his portion of the influence operation.

As attention turns to the cyber threats facing 2018's midterm elections, we're learning hard lessons from what went down in 2016. (Plus, what we can presumably except coming up) There were multiple aspects to my research and human intelligence operations exploring what was going on behind the scenes in 2016, but this article focuses on only one, Guccifer 2.0.

With the massive upsurge in the value of bitcoin and other cryptocurrencies, cybercriminals are turning their prime focus to cryptocurrency. One of the fastest growing forms of malware are those mining cryptocurrencies on victim machines. Specifically, using the browsers of visitors as CPU cryptocurrency miners. Even news sites are utilizing this to monetize their websites and blogs. As bitcoin often takes specialized hardware to effectively mine, criminals are turning to Monero as the mining currency of choice for victim machines.

Live Interactive Webinar: Blocking & Tackling Cyberthreats Using DNS RPZ

January 17th, 10 AM Pacific, 1 PM Eastern

DShield has a project called the 404Project. The goal of the project is to track attackers looking to compromise web pages.

To do this, they've started selling a Raspberry Pi Honeypot to hook into your network. The alternative, is to embed one of a selection of code snippets into your website's 404 error page. These honey pots track hits on the 404 page. Hackers generate these hits when scanning for vulnerable utilities common to various web hosts. When the 404Project detects these scans, it records the attacker's IP and uploads it to DShield.

Cyber security shouldn’t cost you an arm and a leg, and we believe that every business should have the option to get high quality, affordable protection. 95% of malware attacks involve DNS, and you shouldn’t ever have to compromise your organization, career, or peace of mind -- Hackers are waiting for just that. 

Securing DNS is more important than ever before, and now more affordable than ever. DNS is used in more than 95% of today’s malware attacks, and it only takes an hour to add ThreatSTOP’s DNS Defense to protect yours.