<span id="hs_cos_wrapper_post_body" class="hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_rich_text" style="" data-hs-cos-general-type="meta_field" data-hs-cos-type="rich_text" ><p style="text-align: justify;">Brute forcing passwords is a concept that's been around so long it almost feels like some relic of the past. But a recent T-Mobile data breach compromising the personal information of 54 million users serves as a reminder that this attack methodology can still lead to colossal damages today.</p> <p style="text-align: justify;"><span style="color: #000000;"><!--more--></span><span style="color: #000000;">Brute force is an attack method involving repetitive attempts to guess a victim’s password. Hackers will try out various password combinations, hoping to hit on the right one. To do this, they typically use an automated brute force password-cracking software, and leverage botnets for the power they need to deploy the many password-cracking attempts. Brute Forcing helped attackers score some big breaches over the last decade, including<span style="font-weight: bold;"> Dunkin' Donuts</span> (2015, 19K users money stolen, $650K lawsuit settlement costs), <span style="font-weight: bold;">Alibaba</span> (2016, 20M user accounts compromised), the <span style="font-weight: bold;">Northern Irish Parliament</span> (2018, parliament member e-mailboxes exposed), and many more.&nbsp;</span></p> <p style="text-align: justify;"><span style="font-weight: bold;">Having a web-focused cyber protection layer is an absolute must.</span> ThreatSTOP is proud to partner with Amazon AWS to deliver managed rules for their Web Application Firewall (WAF) that protects web services from <span style="color: #000000;">cyber attacks, including botnets and brute force. </span><span style="color: #000000;"><a href="https://aws.amazon.com/marketplace/seller-profile?id=ba39e0ed-a6c4-48e3-9b52-28f089f4c275" rel="noopener">ThreatSTOP's cloud platform</a> uses live, highly curated threat intelligence to enable enforcement points like the AWS WAF to end threats before they start, and prevent further communication with attacker networks. Say goodbye to brute force attacks and credential stuffing with ThreatSTOP's managed rules for the AWS WAF.</span></p> <div> <h4 style="font-weight: bold; text-align: justify;"><span style="color: #000000;">ThreatSTOP offers 4 managed rule sets for the AWS WAF:</span></h4> <ul> <li style="direction: ltr; text-align: justify; font-weight: bold;"> <p><span style="color: #000000;">ThreatSTOP - New and Active HTTP Threats<br><span style="font-weight: normal;">The New and Active HTTP Threats Managed Rules for AWS WAF protects exposed services from a range of threats including SSH attacks, Brute Forcers, Crackers, Shellshock, Apache Server Attacks, and more. Multiple HTTP threat intel feeds are aggregated and analyzed for continuously updated protection. <a href="https://aws.amazon.com/marketplace/pp/prodview-66rljnfummbr6?ref_=srh_res_product_title" rel="noopener">Check it out.</a></span><br></span><span style="color: #000000;"></span></p> <span style="color: #000000;"><span style="font-weight: normal;"></span></span></li> <li style="direction: ltr; text-align: justify; font-weight: bold;"> <p><span style="color: #000000;">ThreatSTOP - New and Active Malicious Bots<br><span style="font-weight: normal;">New and Active Bots identifies and blocks the attacker infrastructure hosting and controlling malicious Bots like Crawlers and Spiders that target your exposed services. The rules are dynamically updated using leading intelligence sources that have been curated by ThreatSTOP Security. <a href="https://aws.amazon.com/marketplace/pp/prodview-3c3mb3lf7vris?ref_=srh_res_product_title" rel="noopener">Check it out.</a></span></span></p> <span style="color: #000000;"><span style="font-weight: normal;"></span></span></li> <li> <p><span style="color: #000000;"><strong>ThreatSTOP - CoreThreats</strong><br>Our famous CoreThreats is built by aggregating and analyzing over 800 quality threat intelligence feeds, applying human and machine intelligence, then rapidly updating the managed rules to block threats and attacker infrastructure. CoreThreats stops a broad range of attacks with very high accuracy. <a href="https://aws.amazon.com/marketplace/pp/prodview-wruwzxkc6uvsm?ref_=srh_res_product_title" rel="noopener">Check it out.</a></span></p> </li> <li style="direction: ltr; text-align: justify; font-weight: bold;"> <p><span style="color: #000000;">ThreatSTOP - ITAR and OFAC<br><span style="font-weight: normal;">Simplify compliance and security challenges by blocking inbound IP connections from ITAR and OFAC sanctioned countries, including Crimea. These managed rules track changes from the US State Department International Traffic in Arms Regulations, and the US Treasury Department Office of Foreign Asset Control. <a href="https://aws.amazon.com/marketplace/pp/prodview-nljlmgzzm2wje?ref_=srh_res_product_title" rel="noopener">Check it out.</a></span></span></p> </li> </ul> </div> <p style="text-align: center;">&nbsp;</p> <p style="text-align: center; font-weight: bold;"><span style="color: #000000;"><em>Try ThreatSTOP Managed Rules for the AWS WAF, and get Premium CheckIOC for Free!</em></span></p> <p style="text-align: center;"><span style="color: #000000;"><em></em></span></p></span>