
CATEGORY ARCHIVES: cyber-security

ThreatSTOP Premium Feed Spotlight Series: Level Up Your Protection with ThreatSTOP NOD, Powered By Farsight

One of the chief problems in cybersecurity is the inherent reactivity of most forms of defense. An attack has to be observed, analyzed and reverse-engineered. THEN, protection can be developed. This means attackers are successful, and inside environments, for a period of time before the attack is noticed, before the indicators for that attack can be extracted, and before a policy can be disseminated to stop it.

There has been a wide variety of research in recent years around this problem: how to speed up the cycle to recognize attacks and potentially to get out in front of attackers to block them before the attacks start. Both my own PhD research and other researchers have noticed that one attribute that is overwhelmingly an indicator of maliciousness in DNS is “newness,” that is to say, the newer a domain is, the more likely that it is bad. More importantly, when a domain is new and otherwise benign, it is rarely in meaningful use except by the organization that’s setting up whatever will go there.


US Heightens Online Attacks on Russian Power Grid: How DNS Can Protect Critical US Infrastructure

In retaliation for ongoing attacks against US interests and to be a deterrent against future cyberattacks, the United States has been penetrating Russian power and industrial systems, according to recent reporting in the New York Times. There have been multiple articles about attacks on critical infrastructure and attempts to penetrate systems in this space. In the US, no breach has been reported to have led to a widespread outage, but there has been an increasing level of concern.


Upgraded JasperLoader Infecting Machines with New Targets & Functional Improvements: What You Need to Know

 

A few months ago, JasperLoader (a new malware loader) emerged, infecting systems with various malware payloads, such as the Gootkit Banking Trojan. After a short, initial campaign, the threat actors behind the malware halted their activity and JasperLoader went off the radar for a while. However, since late May, a new and upgraded version of JasperLoader has been spotted infecting machines across Europe.


Georgia Tech Data Breach: How to Keep Information Secure in Open University Environments

Georgia Tech recently notified almost 1.3 million people about a potential breach of sensitive data, in some cases including a Social Security number. Over a four-month period, there was a vulnerable server that allowed people to enumerate records on a back-end database, allowing the exfiltration of sensitive information. While universities are seen as more open environments, they do have sensitive information they have to protect.


Think Mirai is Gone? Think Again. It’s Alive & Active. Here's What You Need to Know.

Between March 2 - 5, we detected a significant increase in scanning activities over Telnet ports via the target, “NoThink! Telnet HoneyPot – IPs,” provided by NoThink. To put this in perspective, the magnitude includes an increase of 4,000 IPs to about 130,000 IPs that were a part of the scanning on Telnet ports, as presented in Figure 1 below.


(Stay Alert) Inside E-Mail Compromise: What Small & Medium Businesses Need to Know

Recently, we were contacted regarding two different incidents of Business Email Compromise (BEC), where there was an attempt to redirect wire transfers from individuals to another bank account. One was successful and the victim lost six figures; one was interdicted because of an attentive individual who picked up the phone to ask, “Uh, are you sure this is right?” This kind of fraud is increasing and is more specifically targeted towards smaller firms and individuals, trying to redirect high-dollar transactions.


2020 Census Target of Security Threats & 3 Critical Factors to Know

As people start thinking about completing the upcoming United States census online, security concerns have emerged. While there are unique threats to the Census because of the impact it has on budgeting and government, these concerns tell us a great deal about the security concerns of doing business online.


Don’t Fight Cyber Criminals in Your Bedroom

Imagine This: You have a precious and valuable treasure. You keep this treasure in your bedroom. Criminals come from all over the land, every night and day, laying siege to your home to steal this treasure. You have no gated community, no security patrol, no walls around your home, no doors or windows - and every fight with a criminal happens right there in your bedroom with your treasure just feet away. You know that one misstep, one lucky punch, and you lose your most precious treasure. It’s game over.


How to Easily & Efficiently Secure Your Home DNS

Like many technologists who are also parents, I think a great deal about how best to protect my family online. Working for a security company, I have access to more tools than the average person, so recently I’ve implemented DNS security at home. I focused more on DNS because there are no “services” offered on my home network, and I’m mostly concerned about my kids or wife clicking on a phishing link or similar outbound malicious traffic.


Why You Need to Block the Threat Factory. Not Just the Threats.

 

Cyber criminals will create roughly 100 million new malware variants over the next 12 months. Security vendors will respond with new malware signatures and behaviors to stop them, but thousands of companies will be victimized in the process, experiencing costly or catastrophic breaches. This isn’t new - it’s a cycle.
