CATEGORY ARCHIVES: malware

Bi-Weekly Security Update 3/15/2017

Malicious Content Identified and Inserted:

  • IPs – 3680
  • Domains – 603

Target List Content Updated:

  • TSCritical
  • TSRansomware
  • TSPhishing
  • TSBanking

EITest – The Long Living Campaign

EITest is a campaign initially discovered in 2014 by Malwarebytes. It distributes malware (that uses iframes) through a Flash file on a compromised site, followed by exploitation through an exploit kit. In the past, this campaign was used to distribute malware including Cerber, CryptoMix, CryptoShield, Gootkit and the Chthonic banking Trojan, all using various types of exploit kits.


Magic Hound Sniffs Out Trouble

Magic Hound, as dubbed by researchers at Palo Alto Networks, is a targeted espionage campaign against the Saudi Arabian government, energy and technology industries. The campaign utilized a common phishing tactic, embedding macros into Word and Excel documents. If the victim enabled macros on the document, PowerShell scripts downloaded additional malware onto their computer, such as the open-source Python RAT, Pupy.


Locky Back in Action

Locky, the infamous ransomware plaguing computers worldwide since it was first seen early last year, has recently made a comeback after a severe drop in activity over the holiday season. The Necurs botnet, which is Locky's primary distributor, was offline for the final weeks of 2016, equating to an 81% decrease in the number of Locky attacks.


CryptXXX Ransomware Spread Through SoakSoak Botnet: Two Big Actors As One

CryptXXX and SoakSoak are huge threats individually.


Bi-weekly Security Update

Malicious content identified and inserted:

  • IPs – 960
  • Domains – 1653

How much would you pay in bitcoin to watch that cat video?

Where do security professionals draw the line between protecting their company’s network, and delivering a free-range internet experience for their fellow employees? This quandary came up at ThreatSTOP recently, spurred by a support request we received from a customer who posed this very question to himself, his peers, and to us. It got us thinking, and made us wonder what the consensus is among security professionals who constantly wrestle with balancing the scales of security and user friction.


Bi-weekly Security Update 12/21-1/3

Malicious content identified and inserted:

  • IPs – 1625
  • Domains – 4562

Target lists updated:

  • TSCritical (Domains and IPs)
  • TSRansomware (Domains and IPs)
  • TSPhishing (Domains and IPs) – New Targets added!
  • TSBanking (Domains and IPs) – New Targets added!

Biweekly Security Update

Malicious content identified and inserted:

  • IPs – 232
  • Domains – 386

Target lists updated:

  • TS-CRIT
  • TS-RANS

AVALANCHE

On November 30th, 2016, a worldwide cooperative takedown of the Avalanche botnet took place after more than four years of investigation. "Avalanche" refers to a worldwide crimeware-as-a-service (CaaS) network infrastructure operated by cyber criminals conducting malicious activity. This includes DDoS, malware distribution, phishing and money-mule operations, causing hundreds of millions of euros in damages worldwide.
