In the past week we saw a massive surge in hits on customer logs coming from the IP 45.146.165[.]11. Our security research team checked it out, and found that it has been the launch pad for abnormally large amounts of traffic trying to reach customer machines. On one customer network alone they got over 2 million hits.

ThreatSTOP will be implementing changes to our severity labels to be consistent and clearer throughout our policies. We are not changing the policies themselves. Some targets, however, will have different severities and that may impact the volume of alerts you see in your portal account. Accordingly, we wanted to communicate those changes and the rationale behind them.

We are happy to announce a new ThreatSTOP originated target, TS Originated - Tor Proxies - Domains, which provides protection from various malware and ransomware variants which utilize Tor proxy services to attack victims.

Abuse of Tor proxy services for malicious use has been on the rise in the past two years, with many ransomware variants demanding ransom payments over the Tor network. The Tor network, which gives its users anonymity, is a great platform for threat actors to deploy their malicious activity while hiding from discovery.

ThreatSTOP is excited to introduce a brand new target to our DNS Defense line up, curated with feeds from MS-ISAC, MDL, MVPS Hosts and ThreatSTOP's own security team. Currently (as list is due to change and since we keep updating and changing our curated targets to improve them), the new “TS Curated – Core Threats – Domains” target includes these feeds:

The threat landscape is ever changing, in Q1 of 2017 alone, mobile ransomware attacks increased 250%. Mobile devices are an inseparable part of our life, making these valuable and vulnerable targets. As with any technology we use, ThreatSTOP is creating new ways to defend our customers.

ThreatSTOP Security Researchers have added three new target lists to our system. These targets leverage additional data from the ransomware tracker at abuse.ch to secure against ransomware threats.

One of ThreatSTOP's goals has been to help reduce spam on the Internet. Besides being a source of constant annoyance in email, spam, malspam, phishing and spear-phishing all pose large security risks. In recent years, spammers have also discovered a new prime target for spam: website commenting systems. 

ThreatSTOP's Security team is adding multiple new targets based on the cybercrime-tracker to our expert and standard lists. These lists will better help our customers against various sources of cybercrime. 

Those of you who follow cybersecurity news in general and our blog in particular have likely noticed a rise in the number of ransomware-related events.