<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

CATEGORY ARCHIVES: shadowserver

ThreatSTOP blocks new Waledac/Storm worm DNS

This is a follow up to the previous post where we noted the emergence of a new 'conficker'-like threat. Thanks to research by our colleagues at Shadowserver it looks like the threat is actually more closely related to the Waledac/Storm worm malware rather than conficker, however that does not stop us from blocking it.

Read More

Share this:

Who is more dangerous? 1&1 or Vietnam?

Over the last couple of days there have been reports that "Vietnam is a haven of malware" with "more than half of [the .vn domains] hosting malware" and that the ISP "1&1" accounts for one in 10 botnet Command & Control (C&C) hosts.

Read More

Share this:

Just Another Malware Monday

Today there are, as usual, a number of active botnets, zero day exploits and purveyors of miscellaneous malware. The one that has received all the publicity is the Windows LNK file exploit which seems to be designed to attack Siemens SCADA systems. Another one that popped up  on the Shadow server listserv is a new sort of malware that packed in such a way that it is not detected by any current anti-virus program - and that will mutate easily to evade the detection algorithms of most anti-virus programs.

Read More

Share this:

ARCHIVES

see all

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter