<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

CATEGORY ARCHIVES: dns-firewall

Announcing ThreatSTOP 6.0 Featuring Role Based Access Control

 

So much about good, basic Security comes down to proper access control. Information security, physical security, personal security, (probably even financial security?) – all security, it seems, works better when there’s proper control over who has access to what and when.

ThreatSTOP’s platform has historically allowed two levels of user access: Admin and Reporter. In this simple scheme, Admins could access everything, like creating a custom DNS Firewall policy, or whitelisting an IP across all their firewalls, while lowly Reporters got read-only access to look at reports. Two extremes of access control for what was a simpler time.

In the years since, things have really evolved in Security. It's gotten scarier outside – there are more threats, nastier ones, more sophisticated attackers, and shrewder methods. DDoS for hire, and turn-key ransomware. The myth of companies “too big to take down” or “too small to be targeted” got busted. It has gotten crazy out there.

Read More

Share this:

ThreatSTOP Premium Feed Spotlight Series: Level Up Your Malvertising Protection with The Media Trust Premium Threat Intelligence Feed

Most malware is often delivered from otherwise legitimate sites. Sometimes this occurs via compromising existing websites, but more often than not, it is by using existing advertising networks as a means to ultimately deliver malware. Quite simply, the attacker buys impressions via existing channels and uses a variety of malvertising tricks to either directly compromise the web browser, or at the least trick the user to installing the malware. This specialized form of malware delivery requires a specialized collection methodology to detect such attacks.

Read More

Share this:

Domain Ranking Services: How Do Illegitimate Domains Get High Ranks?

 

Read More

Share this:

Riltok Mobile Banking Trojan Stealing Credit Card Information with Phishing Ads

Riltok is a mobile banking Trojan that uses mobile phishing pages to steal credit card information from its victims. Discovered in 2018, Riltok started out solely attacking Russian targets, yet it quickly began attacking victims in other European countries as well. The Trojan is spread via malicious SMS messages, which contain links that direct the victims to a fake website posing as a popular free ad service.

Once on the website, victims are prompted to click and download the Trojan, disguised as the ad service’s mobile app. If downloaded, Riltok connects to its C&C server to exfiltrate device data, and opens a fake Google Play screen or phishing page in a browser, requesting the victim’s bank card details.

Read More

Share this:

Getting Real (SMB) Value From Threat Intelligence

You’ve probably heard of Threat Intelligence, it's all the rage and all the cool kids are doing it… where’ve you been? Threat Intelligence, or “TI,” is everywhere and in everything, and it can be cool, but it can also be slippery and confusing and complex and a huge waste of time and resources depending on what you do (or don’t do) with it. In this post, we’re going to make a bunch of snarky statements about Threat Intelligence, and we’re going to spill the tea on how you (as a small or medium sized business) can use it and actually get some security value in return.

Read More

Share this:

US Heightens Online Attacks on Russian Power Grid: How DNS Can Protect Critical US Infrastructure

In retaliation for ongoing attacks against US interests and to be a deterrent against future cyberattacks, the United States has been penetrating Russian power and industrial systems according to recent reporting in the New York Times. There have been multiple articles about attacks on critical infrastructure and attempts to penetrate systems in this space. In the US, no breach has been reported to lead to a wide spread outage, but there has been an increasing level of concern.

Read More

Share this:

How to Mitigate Microsoft Windows Zero-Days Exploiting Enterprises & Giving Attackers Control

 

On top of the RDP vulnerability out there, additional Microsoft Windows zero-days are out there, which can exploit enterprises and give attackers full system control. The RDP vulnerability had the potential to be used in a WannaCry like worm. 

Read More

Share this:

LIVE WEBCAST: The Basics to Understanding the Secret Life of DNS – Protecting Against Modern Threats at Scale

DNS is one of the single biggest important components to making the global internet work and it is often the most neglected aspects of a network. Invented in the 80's, DNS “just works," but its ease of use has people overlooking the power of using it to protect their customers. DNS offers the first clues to what is going on in your network and is used by criminals to steal data.

Read More

Share this:

(Stay Alert) Inside E-Mail Compromise: What Small & Medium Businesses Need to Know

Recently, we were contacted regarding two different incidents of Business Email Compromise (BEC), where there was an attempt to redirect wire transfers from individuals to another bank account. One was successful and the victim lost six figures, one was interdicted because of an attentive individual who picked up the phone to ask, “Uh, are you sure this is right?” This kind of fraud is increasing and are more specifically targeted towards smaller firms and individuals trying to redirect high-dollar transactions.

Read More

Share this:

2020 Census Target of Security Threats & 3 Critical Factors to Know

As people start thinking about completing the upcoming United States census online, security concerns have emerged. While there are unique threats to the Census because of the impact it has on budgeting and government, these concerns tell us a great deal about the security concerns of doing business online.

Read More

Share this:

Home Page

ARCHIVES

see all

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter