Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

RSA Adds Blacklist Data Feeds to CyberCrime Intelligence Service

New “Blacklist” Reports Help Organizations Proactively Block Malicious Traffic from Trojans and Phishing Sites

New “Blacklist” Reports Help Organizations Proactively Block Malicious Traffic from Trojans and Phishing Sites

Today’s advanced malware such as the Zeus and SpyEye Trojans can silently capture and exfiltrate sensitive corporate data contained on enterprise endpoints, including proprietary information such as legal documents, healthcare records and corporate trade secrets. However, many organizations are blind to these threats and the impact malware within their systems can have on their bottom line.

CyberCrime BlacklistsRSA, The Security Division of EMC, this week announced updates to its CyberCrime Intelligence Service, aiming to help enterprises address these threats with new daily reports on black-listed hosts and IP addresses used by cybercriminals for launching attacks and communicating updates to malware-infected systems that may be part of a botnet.

The new “blacklist” reports help security professionals identify corporate end points and resources that may be at risk as a result of malware infection.

Additionally, blacklist data feeds can automatically be fed into third party web filtering software, intrusion detection/prevention systems and other network monitoring and security solutions to help sever the communication channels of existing malware, eliminating its ability to siphon information from companies and receive new instructions from command and control servers.

Related Reading: Threat Sharing – A Necessary Defense Strategy

“IT organizations have traditionally focused on layered security which protects the perimeter. Now is the time to provide the same layered security model internally as well. That model, based on Governance, Risk and Compliance, must assume that malware has penetrated the enterprise and mitigate any damage which might occur,” said Phil Blank, Managing Director, Security, Risk and Fraud at Javelin Strategy & Research. “By employing actionable information contained in threat intelligence reports and supplemented by active blacklist feeds to help prevent communications with command and control servers and data leakage, an enterprise can significantly improve their security posture and reduce their risks.”

“Corporate internet users increasingly represent the largest source of infection in the enterprise by data-stealing malware via spear-phishing emails and social engineering attacks,” said Sam Curry, Chief Technology Officer for RSA’s Identity and Data Protection group.

The RSA CyberCrime Intelligence Service offers companies insight into potential compromises gleaned from the RSA Trojan Research Labs and a network of anti-virus, firewall, anti-spam and Web crawling partners. RSA aggregates and analyzes the information to provide customers with continuous updates and visibility on the latest malware and malicious hosts discovered across the Internet.

RSA also offers consulting services along with its CyberCrime Intelligence Service offering, to help customers identify and implement plans to reduce cybercrime risk.

Related Reading: Advanced Fraud Threats in Mobile Environments

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.