<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

CATEGORY ARCHIVES: cyber-security

Analysis: New Android Malware Steals Victim Data From 300+ Apps

 

A new android malware strain was uncovered in May, boasting the ability to steal data from 337 applications, including passwords and credit card information. Among these apps are some of the most highly-used applications on any android phone, such as Netflix, Gmail, Amazon, Uber, and more.

Read More

Share this:

Learning from the Honda Ransomware Attack

 

The Japanese manufacturing giant revealed that it had been hit with ransomware on Monday June 8, 2020, forcing it to shut down a number of manufacturing facilities and disrupting its global operations. Honda was left with no choice but to halt operations in Japan, North America, the U.K., Turkey and Italy. Furthermore, the ransomware attack caused disruptions to the company’s customer service and financial services.

Read More

Share this:

US Secret Service Warns Surge in Ransomware Attacks Targeting MSPs

 

Managed Service Providers (MSPs) seem to be a huge target for ransomware lately. MSPs in both government and the private sector have been under attack, causing the U.S. Secret Service to issue a special warning about this phenomenon.

Read More

Share this:

How to Work Towards Better Whitelisting

 

One of the key problems in threat intelligence is curating whitelists of infrastructure and domains that should never be blocked. Just recently, a government CERT distributed lists of IoCs that included private IP addresses that just are not useful for analysts and hunt teams. At best, it creates wasted time and effort. At worst, key infrastructure is blocked and there is business impact and/or loss of revenue.

Read More

Share this:

Announcing ThreatSTOP 6.0 Featuring Role Based Access Control

 

So much about good, basic Security comes down to proper access control. Information security, physical security, personal security, (probably even financial security?) – all security, it seems, works better when there’s proper control over who has access to what and when.

ThreatSTOP’s platform has historically allowed two levels of user access: Admin and Reporter. In this simple scheme, Admins could access everything, like creating a custom DNS Firewall policy, or whitelisting an IP across all their firewalls, while lowly Reporters got read-only access to look at reports. Two extremes of access control for what was a simpler time.

In the years since, things have really evolved in Security. It's gotten scarier outside – there are more threats, nastier ones, more sophisticated attackers, and shrewder methods. DDoS for hire, and turn-key ransomware. The myth of companies “too big to take down” or “too small to be targeted” got busted. It has gotten crazy out there.

Read More

Share this:

3 US Universities Hit with Ransomware in Same Week

The beginning of June saw a sudden surge in University-targeting ransomware attacks. Michigan State University, UCSF and Colombia College were all hit with ransomware from the NetWalker family within the same week. While each institution dealt with their network’s compromise differently, this “University Ransomware Week” was certainly eye-opening for higher education institutions who may need to rethink the security solutions and measures they have implemented.

Read More

Share this:

Infographic: The Most Infamous Botnets of the 21st Century

Botnets are a unique type of threat. The colossal power that networks of millions of compromised computers can reach allows botnets to do a lot of damage, from generating and stealing large sums of money to deploying dangerous attacks. Last year saw a 71.5% increase in botnets as opposed to 2018, further showing that botnets are a worthwhile business for attackers, and a prevalent threat to watch out for.

These malicious networks have been around since the very end of the 90’s, rapidly evolving and becoming more advanced, year by year. Our new infographic examines the most prevalent, well-known botnets from the beginning of the century up until today, shedding light on the diverse landscape and evolution of this fascinating threat.

Read More

Share this:

What Is a Botnet? Common Architecture, Purpose & Attack Types

What Is a Botnet?

A botnet is a distributed network consisting of many compromised internet-connected devices, which are controlled by a centralized botmaster, and are utilized to perform synchronized tasks. Each infected machine is called a bot, and together their power is used to carry out various attacks. Botnets are usually created via malware infections, which gain persistence on the machines and “recruit” them to the botnet. Some of these malware variants can even self-propagate through networks, infecting many devices via one network entry point. The bandwidth amount “taken” from each bot is relatively small, so that the victim will not realize that their device is being exploited, but when thousands or even millions of machines are simultaneously instructed to perform a joint, targeted attack, the damage can be immense.

Although we are used to thinking of botnets as a collection of computers, these networks can be comprised of various types of devices – personal computers, laptops, mobile devices, smart watches, security cameras, and smart house appliances.

Read More

Share this:

Is Zoom Actually Secure?

 

Ever since the beginning of the Coronavirus outbreak, Zoom has become the most well-known and widely used video conferencing platform. Used by corporations, universities and schools, families and more, millions of people around the world have found themselves desperately in need of a platform to hold meetings, see loved ones and cope with social distancing. The video conferencing app, that previously boasted 10 million users during busy hours, quickly shot up to 300 million during peak daytime hours. But as Zoom’s popularity rapidly rose, so did concerns about the platform’s security.

Read More

Share this:

Are Cyber Attackers Hacking Your Webcam?

 

What Is Camfecting?

Camfecting is the act of accessing a victim’s webcam and operating it without permission. This is usually done by infecting the camera owner’s device with malware, which then gains access to the webcam and controls it via remote access.

The thought that a stranger may be peeping at us while we are near our computers is unsettling at the least. Now, with much of the employed workforce working from home due to the global Covid-19 epidemic, we can only imagine the breach of privacy that may happen as the result of a hacked webcam. In addition to the potential loss of privacy, attackers could record victims and use the footage for blackmail or to collect ransom. Webcam hackers can also use the camera to monitor the victim’s home to learn when it is vacant.

Read More

Share this:

Home Page

ARCHIVES

see all

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter