<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

CATEGORY ARCHIVES: cybersecurity

ThreatSTOP Free Open Source Analysis Tools Series. Part 1: Free Open Source IOC Analysis Tools, Why Use IOCs?

Welcome To Our New Weekly Series, Free Open Source Analysis Tools.

This Week's Topic: Free Open-Source Analysis Tools, Why Use IOCs?

Throughout this series, we'll be talking about a Security Analyst’s IOC analysis journey. From discovering relevant indicators and performing the analysis, to finding enrichments and new IOCs. We will also share recommendations for free open-source analysis tools and use cases completed by ThreatSTOP's Security and Research Team, showing how to utilize the various platforms and tools. Let's get started.

Read More

Share this:

Getting Real (SMB) Value From Threat Intelligence

You’ve probably heard of Threat Intelligence, it's all the rage and all the cool kids are doing it… where’ve you been? Threat Intelligence, or “TI,” is everywhere and in everything, and it can be cool, but it can also be slippery and confusing and complex and a huge waste of time and resources depending on what you do (or don’t do) with it. In this post, we’re going to make a bunch of snarky statements about Threat Intelligence, and we’re going to spill the tea on how you (as a small or medium sized business) can use it and actually get some security value in return.

Read More

Share this:

Upgraded JasperLoader Infecting Machines with New Targets & Functional Improvements: What You Need to Know

 

A few months ago, JasperLoader (a new malware loader) emerged, infecting systems with various malware payloads, such as the Gootkit Banking Trojan. After a short, initial campaign, the threat actors behind the malware halted their activity and JasperLoader went off the radar for a while. However, since late May, a new and upgraded version of JasperLoader has been spotted infecting machines across Europe.

Read More

Share this:

Shooting Phish in a Barrel: How Phishing Sites are Fooling You With SSL/TLS Certificates

In the past, a green padlock icon would inform the user that a site is secure and legit, whether it was true or false. Now, that is no longer the case. We are seeing more and more phishing sites using SSL/TLS certificates to try and fool people into thinking that a phishing site is actually legitimate. The appearance of free SSL/TLS certificates, which can be applied with ease (Let’s Encrypt, Comodo and more), allow scammers to harness SSL certificates to their own agenda, giving misguided people the felling of false security.

Read More

Share this:

LIVE WEBCAST: The Basics to Understanding the Secret Life of DNS – Protecting Against Modern Threats at Scale

DNS is one of the single biggest important components to making the global internet work and it is often the most neglected aspects of a network. Invented in the 80's, DNS “just works," but its ease of use has people overlooking the power of using it to protect their customers. DNS offers the first clues to what is going on in your network and is used by criminals to steal data.

Read More

Share this:

BrightTALK Webcast: December 13. John Bambenek Talks Predictions for 2019's Threat Landscape.

As part of BrightTALK's 2019 Trends and Predictions Webcast series, ThreatSTOP's VP of Security and Research, John Bambenek, is talking specifically about social engineering and phishing on this December 13th episode. Check out the details here:

Read More

Share this:

How to Keep Online Holiday Shopping Safe. Plus, Identifiable Warning Signs of Malicious Ukrainian JavaScript.

As we’re approaching the holiday season, so many are heavily relying on the internet for their shopping. With fewer than 50 online shopping days until Christmas, pressure to bargain hunt is skyrocketing, with retailers gearing up to make tempting offers on those dream items. However, it's not just the online retailers gearing up to take your money, the online criminals are, too.

Read More

Share this:

Attackers Are Targeting Healthcare: Here's 4 Things You Need to Do Now

In the third quarter of 2018 alone, 4.4 million patient records were compromised across 117 disclosed health data breaches. This shows that health care continues to be targeted by criminals. The largest breach was UnityPoint, with 1.4 million records compromised.

Read More

Share this:

ThreatSTOP & The Libssh Vulnerability: What You Need To Know

This week, the libssh project announced a serious bug in versions of their library released in the last few years.

Read More

Share this:

Under the Hood: How ThreatSTOP Protects Against WannaCry

 

One of the key features of the ThreatSTOP platform is the ability to tailor a security policy to meet specific operational objectives. In a broad sense, this is done by selecting the policy components, such as botnets or banking Trojans, but another powerful tool is the application of User Defined Lists (UDLs) to the customer security policy. Using UDLs, our customers can use ThreatSTOP DNS Firewall to identify machines infected by Wannacry ransomware that are latent because of the accessibility of the “kill switch” domains.

Read More

Share this:

Home Page

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter