A detailed analysis was provided, here, on the new version of the Storm Worm making its rounds this week. I went looking in our logs for HTTP POSTs to three- and four-character GIF and JPG files with relatively small request and response sizes (<1000 bytes). What I found was a number of transactions to 91.212.127.114 (on Telos, no PTR record).
A small snippet of transactions:
There is a ThreatExpert report on the related server / malware, which is identified as Email-Worm.Zhelatin (name used by Kaspersky and F-Secure for the Storm Worm). The infected hosts connect out to mail servers in attempts to mass-mail and infect others. Here is a list of some of the email servers that it connects to:
Keep an eye out for these types of transactions within your networks.
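The log hunt described in this post, written out as an added example (not the author's code). It assumes a hypothetical space-delimited proxy log format (timestamp, client IP, method, URL, request bytes, response bytes), uses constructed sample lines with documentation-range addresses, and reads "three- and four-character" as the length of the file name before the extension.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample lines in an assumed format:
# timestamp client_ip method url request_bytes response_bytes
SAMPLE_LOG = """\
2024-01-01T10:01:02Z 192.0.2.10 POST http://203.0.113.50/ab3.gif 412 230
2024-01-01T10:01:40Z 192.0.2.10 POST http://203.0.113.50/qzx1.jpg 388 198
2024-01-01T10:02:11Z 192.0.2.22 POST http://203.0.113.50/kk9.jpg 401 215
2024-01-01T10:03:00Z 192.0.2.31 GET http://198.51.100.7/logo.gif 310 840
2024-01-01T10:03:05Z 192.0.2.31 POST http://198.51.100.7/upload/photo.jpg 48213 512
2024-01-01T10:03:09Z 192.0.2.40 POST http://198.51.100.9/api/login 350 420
2024-01-01T10:04:00Z 192.0.2.41 POST http://198.51.100.9/img/abcd.gif?x=1 900 999
malformed line
"""

# File name of 3 or 4 characters with a .gif or .jpg extension
NAME_RE = re.compile(r"^[A-Za-z0-9]{3,4}\.(gif|jpg)$", re.IGNORECASE)
MAX_BYTES = 1000  # both request and response must be under this size

def parse_line(line):
    """Return a record dict, or None if the line does not fit the format."""
    parts = line.split()
    if len(parts) != 6 or not (parts[4].isdigit() and parts[5].isdigit()):
        return None
    ts, client, method, url, req, resp = parts
    return {"ts": ts, "client": client, "method": method.upper(),
            "url": url, "req": int(req), "resp": int(resp)}

def is_suspect(rec):
    """POST to a short-named image file with small request and response."""
    name = urlsplit(rec["url"]).path.rsplit("/", 1)[-1]  # query string excluded
    return (rec["method"] == "POST" and NAME_RE.match(name) is not None
            and rec["req"] < MAX_BYTES and rec["resp"] < MAX_BYTES)

def hunt(log_text):
    """Group matching transactions by destination host for triage."""
    by_dest = defaultdict(lambda: {"clients": set(), "count": 0})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and is_suspect(rec):
            host = urlsplit(rec["url"]).hostname
            by_dest[host]["clients"].add(rec["client"])
            by_dest[host]["count"] += 1
    return dict(by_dest)

if __name__ == "__main__":
    for host, info in sorted(hunt(SAMPLE_LOG).items(), key=lambda kv: -kv[1]["count"]):
        print(host, info["count"], sorted(info["clients"]))
```

Destinations contacted by several internal clients with repeated matches are the ones to review first; a single hit on its own may be a legitimate upload endpoint.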