Page 3 of 31 FirstFirst 123456713 ... LastLast
Results 21 to 30 of 302

Thread: Malware Domain Blocklist updated...

  1. #21
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Malware Domain Blocklist updated - 2012.07.10 ...

    FYI...

    246 malicious domains added...
    - http://www.malwaredomains.com/wordpress/?p=2783
    July 10th, 2012 - "A very large update consisting of 246 domains associated with malvertising, iframes, black hole exploits, etc. Sources include malwaredomainlist.com, sucuri.net, dynamoo.com..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #22
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Malware Domain Blocklist updated - 2012.07.12 ...

    FYI...

    RunForestRun, malspam, malvertising Domains
    - http://www.malwaredomains.com/wordpress/?p=2788
    July 12th, 2012 - "Added 150 domains (runforestrun, malspam, malvertising)."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #23
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Malware Domain Blocklist updated - 2012.07.16 ...

    FYI...

    Relisted Domains ...
    - http://www.malwaredomains.com/wordpress/?p=2791
    July 16th, 2012 - "Just went through a bunch of older domains and relisted almost 50 of them. Or do the bad guys wait and “lay low” with their domain until “the coast is clear” and once google safebrowsing delists them, they once again use the domain to serve up malware (Whack-a-Mole)? Do they have google APIs and check daily to see if their domain is delisted?... It’s like fast-flux except the time frame is months instead of minutes.:

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #24
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Malware Domain Blocklist updates ...

    FYI...

    DNS-BH Updates: 7.19 and 7.21
    - http://www.malwaredomains.com/wordpress/?p=2794
    July 22nd, 2012 - "Been remiss about mentioning updates on 7.19 and 7.21. Please update your blocklists/sinkhole..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #25
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation IntelliDownload malvertising...

    FYI...

    IntelliDownload (stopmalvertising.com)
    - http://www.malwaredomains.com/wordpress/?p=2797
    July 23rd, 2012 - "... article about IntelliDownload*...
    * http://stopmalvertising.com/malware-...-browsing.html
    Jul 20, 2012 - "... it doesn’t disclose that it will hijack advertisements on several major websites and replace them with ads from oadsrv .com, scrape your Facebook data, spy on your browser session and report every move you make on the web back to chango .com ..."

    Please study the domains listed in the article and take appropriate action (the domains have -not- yet been added to this blocklist)."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #26
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Malware Domain Blocklist updated - 2012.07.25 ...

    FYI...

    Java Exploit domains, trojans, rogues
    - http://www.malwaredomains.com/wordpress/?p=2800
    July 25th, 2012 - "A small but important update containing domains associated with Java exploits, rogue antivirus, trojans, and other malicious domains you don’t want visiting your computer or network. Sources include mwis.ru, malwaredomainlist.com, and urlquery.net..."
    ___

    - https://blogs.technet.com/b/mmpc/arc...edirected=true
    25 Jul 2012 - "The last few months we have seen a drastic increase in Java-based malware abusing the CVE-2012-0507* AtomicReferenceArray type-confusion vulnerability. In addition to that, a few weeks ago, a new Java vulnerability was found (CVE-2012-1723)**; it is also a type-confusion vulnerability. The attack abusing this new vulnerability is also very active... The most effective measure against these vulnerabilities is -updating- your Java installation. To check the version of JRE your browser is running, visit following link:
    http://www.java.com/en/download/installed.jsp ..."

    * http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-0507 - 10.0 (HIGH)
    ** http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1723 - 10.0 (HIGH)

    Last edited by AplusWebMaster; 2012-07-26 at 15:43.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #27
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Domain Blocklist update...

    FYI...

    RunForestRun DGA Update (update your Domain Blocklist) ...
    - http://www.malwaredomains.com/wordpress/?p=2805
    July 26th, 2012 in 0day, New Domains
    > http://blog.unmaskparasites.com/2012...mate-js-files/
    26 Jul 12 - "... a quick recap of the RunForestRun attack: It began in mid-June and infected many servers with Plesk Panel since then. Hackers used Plesk’s File Manager to inject malicious code (mainly) at the bottom of .js files..."

    "RunForestRun has changed the domain generating algorithm (DGA), and now uses waw.pl subdomains (instead of .ru) in malicious URLs."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #28
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Malware Domain Blocklist updated - 2012.07.28 ...

    FYI...

    RunForestRun DGA Domains
    - http://www.malwaredomains.com/wordpress/?p=2811
    July 28th, 2012 - "Added over 200 RunForestRun Domains listed at blog.unmaskparasites.com."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #29
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Malware Domain Blocklist updated - 2012.08.03 ...

    FYI...

    DNS-BH Aug3 Update – relisted domains
    - http://www.malwaredomains.com/wordpress/?p=2813
    August 3rd, 2012 - "Added 203 domains – domains were at one time delisted but are once again associated with malware..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #30
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Domain blocks/IPs to Block ASAP...

    FYI...

    Domains and IPs to Block ASAP
    - http://www.malwaredomains.com/wordpress/?p=2825
    August 9th, 2012 in 0day, sql injection - "Two posts from the Internet Storm Center:
    > https://isc.sans.edu/diary.html?storyid=13864
    SQL Injection Lilupophilupop style – Lists about a dozen domains you should immediately add to your blocklists plus more in Dynamoos blog*.
    > https://isc.sans.edu/diary.html?storyid=13861
    Zeus/Citadel variant causing issues in the Netherlands – Follow the links and block those IP addresses ..."

    * http://blog.dynamoo.com/2012/08/more...-block-on.html

    Last edited by AplusWebMaster; 2012-08-09 at 19:24.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •