Subscribe to ThreatSTOP feed
Updated: 4 min 33 sec ago

ThreatSTOP Partners with Global Cyber Alliance to Protect the Internet

Fri, 11/17/2017 - 01:03

Threat Intelligence Platform Company powers free service to protect against malicious internet sites.

ThreatSTOP Update: Parasites - IPs & Malware Domain List (MDL) Feed

Wed, 10/25/2017 - 19:01

The "Parasites - IPs" and "Malware Domain List (MDL) Feed - IPs" targets are being deprecated and will be unavailable for use after November 1st.  They are being deprecated due to the relatively high false positive incidence associated with IP address-based malware targets.

ThreatSTOP Launches FirstSTOP Responder Support Program

Tue, 10/24/2017 - 19:49

Threat Intelligence Platform Company to provide Incident Responders special pricing and free licensing of ThreatSTOP proprietary investigation and remediation tools.

Xbot, HawkEye, and AZORult – Three Malware Families

Tue, 10/10/2017 - 11:41

Xbot, HawkEye, and AZORult have made recent appearances on the CyberCrimetracker and are now tracked by both the tracker and ThreatSTOP. The goal of the three families is stealing sensitive information from victims.

Xshell Ghost – All Ex Machina, None of the Deus

Mon, 10/09/2017 - 12:46

Certain versions of Xshell contain a backdoor that could allow for data exfiltration.

New Drive-by Targets

Mon, 10/02/2017 - 14:30

ThreatSTOP Launches New Roaming Endpoint DNS Defense

Wed, 09/20/2017 - 17:18
Lightweight and powerful protection against ransomware, phishing, malware, and data theft for laptops and other off-premise devices.

CARLSBAD, CA: September 20th, 2017: ThreatSTOP, the integrated platform for weaponizing threat intelligence, today announced the general release of ThreatSTOP Roaming Defense, a lightweight agent that rapidly detects and automatically blocks malicious DNS queries on off-premise devices.

ThreatSTOP Adding Point of Sale Malware Defense

Tue, 09/19/2017 - 15:05

Point of Sale (POS) malware is a growing field of concern for the retail industry. From the large scale attack on Target in 2014 to smaller attacks that are going unreported. POS malware is an evolving field of study for security researchers.

Mobile Device Malware on the Rise, ThreatSTOP Responds

Wed, 09/06/2017 - 13:30

The threat landscape is ever changing, in Q1 of 2017 alone, mobile ransomware attacks increased 250%. Mobile devices are an inseparable part of our life, making these valuable and vulnerable targets. As with any technology we use, ThreatSTOP is creating new ways to defend our customers.

Bi-Weekly Security Update 8/30/2017

Wed, 08/30/2017 - 17:58

Malicious Content Identified and Inserted:

Bi-Weekly Security Update 8/18/2017

Fri, 08/18/2017 - 20:44

Malicious Content Identified and Inserted: Targets, Blocking Three Additional Ransomwares

Thu, 08/17/2017 - 12:16


ThreatSTOP Security Researchers have added three new target lists to our system. These targets leverage additional data from the ransomware tracker at to secure against ransomware threats.

CRBR Encryptor: A Ransomware By Any Other Name Would Encrypt as Well

Mon, 08/14/2017 - 18:10

It's not unusual for brands to occasionally have to re-envision themselves. Apparently this applies to legitimate and illicit brands equally.

Qakbot Is Back & Targeting Banking Credentials

Fri, 08/11/2017 - 18:18

Qakbot, also known as Qbot, is a network worm targeting banking credentials. It propagates by copying itself to network drives and infecting removable drives.

Author Releases Private Key Unlocking Petya/GoldenEye Ransomware

Thu, 08/10/2017 - 17:24

In light of the devastating NotPetya attack, the creator of the original Petya ransomware has released his private key for the malware. This means victims of the original Petya attacks (excluding NotPetya) will be able to decrypt their files for free.

Hancitor/Chanitor Downloader - You've Got Malspam

Wed, 08/09/2017 - 19:59

Hancitor Downloader has seen many campaigns this year. Malware-Traffic-Analysis, a security research blog operated by Brad Duncan, has published over 40 related articles since the beginning of 2017. Each article covers malspam delivering the downloader, with no sign of the campaigns' wavering.

ThreatSTOP Software Update & New Target Names

Tue, 08/08/2017 - 21:42

We’re always looking for ways to increase your security protection and improve your experience when working with our solutions. ThreatSTOP will be releasing a software update on August 9th, 2017.

Remember Emotet Malware? It's Back.

Tue, 08/08/2017 - 19:47

Emotet (also Geodo, Feodo) is a banking trojan (discovered by Trend Micro in 2014) that targeted German and Austrian banking clients. In 2015, Kaspersky published findings of a variant targeting Swiss banking clients. Differences in this version included a new public RSA key (replacing the previous version) and removal of comments and debugging information from the Automatic Transfer System (ATS) script. This script enabled the automatic transfer of funds from the infected users bank account to the cyber criminal's.

ZeroT Dropping PlugX RAT: Another Day, Another APT

Mon, 08/07/2017 - 22:15


A cyber group attributed to Chinese APT activity has used the downloader ZeroT  since February 2016, as reported by Proofpoint in 2017.


Want to Learn More?

Request a free, 30-minute online walk-through of the ThreatSTOP Platform.

Request a Free Demo

Already in Prevention Mode?

Sign-up for a free, 14-day trial of the ThreatSTOP Platform.

Start a Free Trial

Prefer a Free Assessment?

Use any of our free assessment tools to better
understand your need for proactive defense.

Get a Real-time Assessment