Malware Domain Blocklist - 04.25.2015
FYI...
Over 1200 Domains (Bedep, Dyre, Phishing)
- http://www.malwaredomains.com/?p=3875
April 25th, 2015 - "A huge update with -1219- domains added. Many phishing domains from openphish but also some Bedep and Dyre domains (from arbornetworks virustotal) and some flagged by google safebrowsing..."
:fear::fear:
Malware Domain Blocklist - 04.27.2015
FYI...
598 VBS Trojan, pharma, Andromeda, exploit domains
- http://www.malwaredomains.com/?p=3878
April 27th, 2015 - "Added -598- vbs.trojan.downloader. script.exploit. Andromeda. Pharma Spam domains from dwm.cc, joewein, spamhaus.org and others..."
:fear::fear:
Malware Domain Blocklist - 05.01.2015
FYI...
Over 630 domains added
- http://www.malwaredomains.com/?p=3885
May 1st, 2015 - "Added over 630 pharma spam, fraud, phishing domains from dynamoo.com, joewein, spamhaus and others..."
:fear::fear:
Malware Domain Blocklist - 05.02.2015
FYI...
458 Domains Added
- http://www.malwaredomains.com/?p=3887
May 2nd, 2015 - "Added 458 domains reported by google, joewein, openphish and other sources as malicious, fraud, spam or other badness..."
:fear::fear:
Malware Domain Blocklist - 05.08.2015
FYI...
209 domains added
- http://www.malwaredomains.com/?p=3892
May 8th, 2015 - "209 domains added (pharma spam, phishing, malspam, etc) from openphish, phishtank, spamhaus and others..."
:fear:
Malware Domain Blocklist - 05.12.2015
FYI...
Recent Updates
- http://www.malwaredomains.com/?p=3894
May 12th, 2015 - "Added -198- domains on 5/8 and 187 domains on 5/11. Sources include joxeankoret, spamhaus, safeweb, and safebrowsing..."
:fear:
Malware Domain Blocklist - 05.28.2015
FYI...
Recent Updates
- http://www.malwaredomains.com/?p=3896
May 28, 2015
5/15 – 230 Domains
5/21 – 135 Domains
5/25 – 104 Domains
:fear::fear:
Malware Domain Blocklist - 06.08.2015
FYI...
Recent Updates
- http://www.malwaredomains.com/?p=3902
June 8th, 2015
6/4 – 216 domains
6/7 – 158 domains
"Domains included: cryptowall, njrat, password stealers, andromeda, etc."
:fear::fear:
Malware Domain Blocklist - 07.04.2015
FYI...
Immortal Malware Domains
- http://www.malwaredomains.com/?p=3909
July 3rd, 2015 - "'Immortal' Malware Domains are those which were identified as malicious anywhere between 90 and 360 days ago, but according to google safebrowsing, are -still- actively involved in badness. Some of these domains have been on the DNS-BH List for YEARS. We also added about 70 new domains to our list of long-lived “immortal” malware domains. The list is up to 4022 entries...
Note: this list is incorporated in the main list..."
- Latest updates: http://mirror1.malwaredomains.com/files/
05-Jul-2015 15:17
___
Recent Updates
- http://www.malwaredomains.com/?p=3911
July 5th, 2015 - "Added 270 Domains on 7/3 and 7/5. Please update your blocklists..."
:fear:
Detecting Dynamic DNS Domains in Splunk
FYI...
Detecting Dynamic DNS Domains in Splunk
- http://www.malwaredomains.com/?p=3914
Aug 8th, 2015 - "From:
- http://blogs.splunk.com/2015/08/04/d...ins-in-splunk:
'Name a security breach or sample of malware in the last five years and you will come across a fairly common denominator: the malware (or the method of data exfiltration) used a “Dynamic DNS” hostname to connect to the Internet... The use of dynamic DNS providers for -malicious- purposes is extremely wide spread. OpenDNS Security Labs reported that over 56% of subdomains on some DDNS providers were malicious. Similarly, Cisco reported that dynamic DNS linked websites were 19% more likely to be malicious than other websites...'
Please let us know of any Dynamic DNS Domains not on the list and we’ll add them."
:fear::fear: