We average one DDoS a month during the summer. People are on vacation so there are fewer victims to prey on and fewer attackers to architect their demise. The number of attacks spikes after Labour Day coinciding with the start of a new school year. Schools aren’t the only target but they certainly are the biggest though, admittedly, our results may be skewed by the sheer number of students within member organizations.

URLhaus is a fantastic free resource that provides many feeds. We’re going to focus on DNS Response Policy Zone (RPZ), also known as DNS firewall, which allows you to block the resolution of certain domain names on your DNS resolver. URLhaus extracts domain names from malware URLs and offers them as an RPZ dataset conveniently formatted to be a BIND DNS zone drop in. This is a high confidence feed because it blocks domains that are actively distributing malware.

Universal Health Services was shutdown by ransomware on September 27th affecting more than 90,000 employees operating 26 acute care hospitals, 328 behavioral health inpatient facilities, and 42 outpatient facilities. DURING. A. PANDEMIC.

A botnet’s greatest weakness is its reliance on domain names. Malware analysis quickly reveals these domain names so that you can work toward seizing or shutting then down and effectively cripple or disable the botnet. Regular readers know we have recently started actively blocking malicious domains via DNS. Many countries do not assist with shutting down these botnets therefore the only fix is blocking the domain.

Google is formally banning stalkerware from Google Play effective October 1st, 2020. There are a few exceptions but “these apps cannot be used to track a person (a spouse, for example) without their knowledge or permission unless a persistent notification is displayed while the data is being transmitted.”