The Science of Security
Where our innovative threat intelligence is formulated and analyzed.
RA Labs was created to give our customers the most accurate and secure safety services available in today’s cyber sphere. As an innovative research center, RA Labs lays the framework behind our intel process: collection, normalization, analysis and solutions.
The intel derived from RA Labs’ highly accurate feed of malicious IPs and domain names organically “learns” from all RA-supported devices worldwide and in real time. All made possible by our patented automated analysis combined with our expert security systems and threat intelligence professionals.
Weekly Security Briefing
In our continued effort to inform businesses about the latest in cyber security events, RiskAnalytics would like to invite you to subscribe to our free weekly security briefing.
Subscribers to this briefing will receive:
- Current and actionable IP threat intelligence that can be ingested into a firewall or SIEM
- Our top 10 most shunned IP addresses, both inbound and outbound
- Synopsis of the previous week’s security activity
- Breaking news updates from the RiskAnalytics ‘ Security Labs Team
Please fill out the form below:
Trending Blocked Attackers
220.127.116.11 – Brute Force
18.104.22.168 – Recon Bot
22.214.171.124 – Recon Bot
126.96.36.199 – Recon Bot
188.8.131.52 – Recon Bot
184.108.40.206 – Recon Bot
220.127.116.11 – Recon Bot
18.104.22.168 – Recon Bot
22.214.171.124 – Brute Force
126.96.36.199 – Brute Force
Trending Blocked Destination
188.8.131.52 – Locky Ransomware
184.108.40.206 – Zeus Banking Trojan
220.127.116.11 – Zeus Banking Trojan
18.104.22.168 – Zeus Banking Trojan
22.214.171.124 – Zeus Banking Trojan
126.96.36.199 – BotNet Command & Control (Sality)
188.8.131.52 – BotNet Command & Control (Sality)
184.108.40.206 – BotNet Command & Control (Sality)
220.127.116.11 – Malware / Phishing Site
18.104.22.168 – Malware / Phishing Site
Top News of the Week
As of Monday September 11, RA Labs is tracking a nascent BotNet that appears to consist mostly of exploited routers. While it bears some similarity to other popular telnet “IoT” BotNets, we have not yet determined which family this one belongs to. [continue reading]
Security Lexicon: Sality
When the source code to Zeus Banking Trojan was leaked, the code was modified by a group of criminals and released as Sality. This zeus derivative is still a dangerous trojan that's seen frequently. Known Sality command and control nodes are blocked through ShadowNet as part of our Zeus and BotNet Command & Control feeds.