
CATEGORY ARCHIVES: specific-threats

Cerber Ransomware Gets Stronger, Adds DDoS Capabilities

Cerber ransomware debuted in late February of this year and has already become the third most prevalent ransomware, according to a recent Fortinet statistic. The ransomware is typically distributed via emails containing macro-enabled Word documents, Windows Script Files, or Rich Text Documents. Cerber uses strong, unbreakable encryption and has a number of features that, when combined, make it unique in today's ransomware landscape.


Panda Banker - Expanding coverage

The Panda Banker banking Trojan, recently uncovered by Fox IT, is related to one of the most famous and destructive banking Trojans in history, Zeus. The Panda Banker is designed to collect victims' login information and online banking credentials, and is currently being used to target banking customers in the United Kingdom and Australia. Like its predecessor, the Panda Banker integrates more advanced persistence, infection strategies and modules, which makes the Panda Banker a considerable threat to its victims.


Poseidon Has Taken Up Spearfishing

 


ThreatSTOP Report: BlackEnergy

Attacks on critical infrastructure are a top concern for government officials and the private sector alike. The ramifications of losing power can be life-threatening and have a negative impact on the operations of businesses and public services.


Don't Fall Prey to Ransomware

Ransomware is an ingenious method used by criminals to extract money from their victims. The basic scenario is:


I Smell a (Trochulis) RAT

BACKGROUND


New OpenSSH Vulnerability

A new vulnerability has been found in OpenSSH, which is used by almost all Linux/BSD distributions, as well as many network infrastructure devices, to allow SSH connectivity. The vulnerability applies to any SSH device that allows for user/password logins as opposed to shared keys. And, from my quick review of the vulnerability, it seems to be common on almost every device that has not had password logins specifically disabled. The vulnerability allows an attacker to attempt many thousands of passwords for a user, instead of the default 3-6, before being blocked.


Important updates to the TS Critical target list

As with many other people in the cybersecurity world, ThreatSTOP received notification today about a spear phishing campaign using some of the zero-day vulnerabilities leaked from “Hackinged Team” at the beginning of the month. ThreatSTOP is happy to report that we are blocking the IOCs in that notification for all our customers who use either the TSCritical Target List or the Lists that include it – BASIC or BOTNETS – in their firewall policy.


How BYOD are Targets for Malware

With the ever-presence of hand-held devices, smart phones and other mobile devices, it’s easy to forget that such items are simply small computers and therefore susceptible to the same attacks that get headlines on the nightly news.


ThreatSTOP blocking Superfish

At ThreatSTOP we have been reading about the Lenovo/Superfish adware security hole with amazement. Not so much at the enormous gaping hole that has been discovered (sadly that seems to be SOP at too many places) but at the way that the various parties involved have completely failed to understand that they have created such an enormous gaping hole.
