The Science of Security

Where our innovative threat intelligence is formulated and analyzed.

RA Labs was created to give our customers the most accurate and secure safety services available in today’s cyber sphere. As an innovative research center, RA Labs lays the framework behind our intel process: collection, normalization, analysis and solutions.

The intel derived from RA Labs’ highly accurate feed of malicious IPs and domain names organically “learns” from all RA-supported devices worldwide and in real time. This is made possible by our patented automated analysis combined with our expert security systems and threat intelligence professionals.

Weekly Security Briefing

In our continued effort to inform businesses about the latest in cyber security events, RiskAnalytics would like to invite you to subscribe to our free weekly security briefing.  

Subscribers to this briefing will receive:

  • Current and actionable IP threat intelligence that can be ingested into a firewall or SIEM
  • Our top 10 most shunned IP addresses, both inbound and outbound
  • Synopsis of the previous week’s security activity
  • Breaking news updates from the RiskAnalytics’ Security Labs Team

Weekly Security Statistics

Trending Blocked Attackers

  • 209.66.128.2 – Brute Force
  • 196.52.43.60 – Recon Bot
  • 184.105.247.247 – Recon Bot
  • 184.105.247.238 – Recon Bot
  • 118.193.31.222 – Recon Bot
  • 158.85.81.121 – Recon Bot
  • 158.85.81.123 – Recon Bot
  • 196.52.43.57 – Recon Bot
  • 91.200.12.15 – Brute Force
  • 209.66.128.18 – Brute Force

Trending Blocked Destination

  • 141.8.226.58 – Locky Ransomware
  • 208.91.197.91 – Zeus Banking Trojan
  • 50.63.202.50 – Zeus Banking Trojan
  • 184.168.221.58 – Zeus Banking Trojan
  • 184.168.221.33 – Zeus Banking Trojan
  • 209.99.64.25 – BotNet Command & Control (Sality)
  • 66.240.205.34 – BotNet Command & Control (Sality)
  • 5.2.83.60 – BotNet Command & Control (Sality)
  • 37.139.13.118 – Malware / Phishing Site
  • 162.244.35.210 – Malware / Phishing Site

Top News of the Week

As of Monday, September 11, RA Labs is tracking a nascent BotNet that appears to consist mostly of exploited routers. While it bears some similarity to other popular telnet “IoT” BotNets, we have not yet determined which family this one belongs to.

Security Lexicon: Sality

When the source code to the Zeus Banking Trojan was leaked, the code was modified by a group of criminals and released as Sality. This Zeus derivative is still a dangerous trojan that is seen frequently. Known Sality command and control nodes are blocked through ShadowNet as part of our Zeus and BotNet Command & Control feeds.