This week our Security Research team noticed loads of blocked traffic between ThreatSTOP customer machines and domains recently associated with DarkSide ransomware - the malware behind the Colonial Pipeline shutdown that forced the company to pay $5 million in ransom. The domains - fotoeuropa[.]ro and catsdegree[.]com – logged an accumulative 3.8 million blocked communication attempts in our systems over the last week alone. Almost nothing makes us happier than potential victims saved from malicious threat actors and cyberattack disasters.Read More
The Gafgyt IoT botnet has been around for 7 years already, boasting many different variants over time. Also known as BASHLITE, this botnet has become notorious for launching DDoS attacks, making it almost as well-known as famous botnets such as Mirai in recent years. In 2018, two Gafgyt variants were detected, targeting Apache Struts and SonicWall vulnerabilities. Over the next year, Gafgyt started targeting vulnerable internet of things devices, wreaking havoc on gaming servers all over the world.Read More
We are happy to announce a new ThreatSTOP originated target, TS Originated - Tor Proxies - Domains, which provides protection from various malware and ransomware variants which utilize Tor proxy services to attack victims.
Abuse of Tor proxy services for malicious use has been on the rise in the past two years, with many ransomware variants demanding ransom payments over the Tor network. The Tor network, which gives its users anonymity, is a great platform for threat actors to deploy their malicious activity while hiding from discovery.Read More
We’ve all been bored at work, that’s a given. We don’t have a need to go crashing through the brush looking for our next meal and that leaves our brains with a bunch of extra cycles to spend on life in the modern world. That means our personal lives, our jobs, and what to have for lunch.Read More
ThreatSTOP just updated our Vyatta install script to fully support the latest Vyatta version: 6.2. The new script is backwardly compatible to earlier Vyatta versions however an upgrade is not required for earlier versions of Vyatta. This is just a part of our ongoing Vyatta relationship to fight bots and criminal malware - as mentioned in this press release that came out today. The combination of ThreatSTOP and Vyatta provdes an extremely cost effective method of stopping bots calling home and blocking the servers that deliver bots and other malware that may be used either as a standalone solution or as a method to augment an existing firewall.Read More