<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

CATEGORY ARCHIVES: phishing

What Is a Botnet? Common Architecture, Purpose & Attack Types

What Is a Botnet?

A botnet is a distributed network consisting of many compromised internet-connected devices, which are controlled by a centralized botmaster, and are utilized to perform synchronized tasks. Each infected machine is called a bot, and together their power is used to carry out various attacks. Botnets are usually created via malware infections, which gain persistence on the machines and “recruit” them to the botnet. Some of these malware variants can even self-propagate through networks, infecting many devices via one network entry point. The bandwidth amount “taken” from each bot is relatively small, so that the victim will not realize that their device is being exploited, but when thousands or even millions of machines are simultaneously instructed to perform a joint, targeted attack, the damage can be immense.

Although we are used to thinking of botnets as a collection of computers, these networks can be comprised of various types of devices – personal computers, laptops, mobile devices, smart watches, security cameras, and smart house appliances.

Read More

Share this:

5 Ways Attackers Can Hack Your Email Account

 

When security personnel think of email attacks, usually the first word that comes to mind is “phishing." While phishing is a very common (and sadly, very successful) attack vector, many threat actors take a different approach to gaining access to victims’ accounts. Breaching an email mailbox is a critical first step, creating a doorway to endless exploitation possibilities.

In this blog post, we will outline five different ways that cyber attackers can breach your email account and steal personal information.

Read More

Share this:

ThreatSTOP Securing the New Work from Home Workforce For Free

Photo Cred: Forbes

Many companies have gone completely remote, and had to do it quickly in light of current events, but that doesn’t mean the need to secure company data has diminished. As more workers are accessing secure files and applications from home, there is an increased need for organizations to be thinking about how to secure those devices that are accessing that information. We have already seen evidence that criminals are trying to take advantage of this situation to launch attacks against companies, and employees working from home without the security protections of the company network are targets for opportunistic attacks.

Read More

Share this:

Cyberattackers Exploit Coronavirus Frenzy in Phishing Email Campaign

 

With the Coronavirus death toll constantly on the rise, people are becoming more and more panicked. It seems that almost everyone these days is thirsty for any information they can get on how to avoid the deadly virus, creating a tremendous opportunity for cyber attackers to exploit these fears and steal personal information and credentials.

Read More

Share this:

Why Email Is Such a Dangerous Platform (And How to Protect Yourself)

Malicious emails are one of the cyber realm’s most widespread epidemics. Over 215 billion business and consumer emails are received daily, and with such an overwhelming flow of emails arises a very attractive opportunity for threat actors to easily penetrate victims’ online activity and lure them in to giving up credentials, downloading malware and more. According to the Symantec Internet Threat Security Report, one out of 412 emails contains a malware attack.

Although it seems as though cyber awareness is somewhat increasing due to the attempt to keep up with rapid advances in attack techniques, preying on human error continues to be extremely rewarding for threat actors. In retrospect, many email attack victims are dumbfounded when they realize that the email they so willingly acted upon is quite obviously suspicious upon second look. On top of that are highly thought out, sometimes tailored malicious emails, which do not even alert relatively cyber-aware people.

Read More

Share this:

Riltok Mobile Banking Trojan Stealing Credit Card Information with Phishing Ads

Riltok is a mobile banking Trojan that uses mobile phishing pages to steal credit card information from its victims. Discovered in 2018, Riltok started out solely attacking Russian targets, yet it quickly began attacking victims in other European countries as well. The Trojan is spread via malicious SMS messages, which contain links that direct the victims to a fake website posing as a popular free ad service.

Once on the website, victims are prompted to click and download the Trojan, disguised as the ad service’s mobile app. If downloaded, Riltok connects to its C&C server to exfiltrate device data, and opens a fake Google Play screen or phishing page in a browser, requesting the victim’s bank card details.

Read More

Share this:

Getting Real (SMB) Value From Threat Intelligence

You’ve probably heard of Threat Intelligence, it's all the rage and all the cool kids are doing it… where’ve you been? Threat Intelligence, or “TI,” is everywhere and in everything, and it can be cool, but it can also be slippery and confusing and complex and a huge waste of time and resources depending on what you do (or don’t do) with it. In this post, we’re going to make a bunch of snarky statements about Threat Intelligence, and we’re going to spill the tea on how you (as a small or medium sized business) can use it and actually get some security value in return.

Read More

Share this:

How ThreatSTOP's Security Research Team Uses Data to Create Targets & Block Suspicious Traffic

One of the challenges in threat intelligence is taking the massive amount of data we have about the threat landscape and distilling it into its most relevant components. A huge part of the reason for growth in data science (and in cyber security specifically) is habitually struggling with too much information. (With some exceptions) With this roadblock, it’s a challenge to focus in on the data that’s truly relevant.

Read More

Share this:

Shooting Phish in a Barrel: How Phishing Sites are Fooling You With SSL/TLS Certificates

In the past, a green padlock icon would inform the user that a site is secure and legit, whether it was true or false. Now, that is no longer the case. We are seeing more and more phishing sites using SSL/TLS certificates to try and fool people into thinking that a phishing site is actually legitimate. The appearance of free SSL/TLS certificates, which can be applied with ease (Let’s Encrypt, Comodo and more), allow scammers to harness SSL certificates to their own agenda, giving misguided people the felling of false security.

Read More

Share this:

LIVE WEBCAST: The Basics to Understanding the Secret Life of DNS – Protecting Against Modern Threats at Scale

DNS is one of the single biggest important components to making the global internet work and it is often the most neglected aspects of a network. Invented in the 80's, DNS “just works," but its ease of use has people overlooking the power of using it to protect their customers. DNS offers the first clues to what is going on in your network and is used by criminals to steal data.

Read More

Share this:

Home Page

ARCHIVES

see all

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter