Malware Domain Blocklist updated...

[AplusWebMaster]

Malware Domain Blocklist - 03.05.2015

FYI...

njrat, phishing, malspam domains
- http://www.malwaredomains.com/?p=3840
Mar 5, 2015 - "Added 162 njrat, malicious spam, phishing and attack domains from blog.dynamoo.com, ybertracker.malwarehunterteam.com, openphish.com and others..."

:fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 03.07.2015

FYI...

Huge Update: 1000+ Fraud Domains
- http://www.malwaredomains.com/?p=3842
Mar 7, 2015 - "Added over 1000 fraud domains from spamhaus in addition the usual malvertising, and other malicious domains..."
___

Over 16,000 Domains Delisted
- http://www.malwaredomains.com/?p=3844
Mar 9, 2015 - "We did a pretty massive list recertification, and 16235 domains were delisted. Please update your blocklists...

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 04.04.2015

FYI...

195 New Domains
- http://www.malwaredomains.com/?p=3849
April 4th, 2015 - "Added 195 domains (cutwail, rig ek, flagged as malicious from google safebrowsing, etc). from spamhaus, sans, safeweb, malcode, etc..."
___

- http://www.malwaredomains.com/?p=3847
April 2nd, 2015
... some recent updates:
3/22 – 394 domains added
3/27 - 1136 domains added
3/29 – 729 domains added
3/31 – 906 domains added

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 04.08.2015

FYI...

cutwail, dyre, zeus, snowshoe domains
- http://www.malwaredomains.com/?p=3855
April 8th, 2015 - "Recently added over 800 new domains from gist.github.com, spamhaus.org and google safebrowsing..."

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 04.09.2015

FYI...

snowshoe, rokso, attack pages
- http://www.malwaredomains.com/?p=3857
April 9th, 2015 - "Added 430 domains from spamhaus and google safebrowsing (attack pages, rokso, snowshoe, etc)..."

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 04.11.2015

FYI...

malvertising, phishing domains
- http://www.malwaredomains.com/?p=3859
April 11th, 2015 - "Added 100 domains associated with malicious ads and phishing..."


:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 04.13.2015

FYI...

244 new domains added (phishing, tinba, dyreza, attack pages)
- http://www.malwaredomains.com/?p=3865
April 13th, 2015 - "Added 244 new domains (attack pages, phishing, tinba) from google safebrowsing, virustotal, phishtank and others..."

:fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 04.14.2015

FYI...

cryptowall domains (phishing, malspam, trojan, zeus too)
- http://www.malwaredomains.com/?p=3867
April 14th, 2015 - "Added 258 domains (cryptowall, and some zeus, malicious spam, phishing, and other malicious domains). Sources include malwareurls.joxeankoret.com, mwsl.org.cn, threatexpert, and others.."

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 04.17-19.2015

FYI...

Palevo, phishing, and other malicious domains
- http://www.malwaredomains.com/?p=3869
April 17th, 2015 - "Added 180 domains (Palevo C&C, phishing, and other malicious badness) from phishtank, openphish, joxeankoret and others..."
___

243 New Domains
- http://www.malwaredomains.com/?p=3871
April 19th, 2015 - "Added 243 domains from joewein, zeustracker, cybertracker, vxvault and other sources containing domains associated with zeus, Andromeda and other badness your browser or your users computers connecting to or from..."

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 04.21.2015

FYI...

sofacy, kins, tinba, russiandoll domains
- http://www.malwaredomains.com/?p=3873
April 21st, 2015 - "Added 358 domains associated with sofacy, kins, tinba, russiandoll* and other badness which may be used as an IOC by monitoring your server logs. Sources include pwc.blogs.com, google safebrowsing, spamhaus and others..."

* https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 04.25.2015

FYI...

Over 1200 Domains (Bedep, Dyre, Phishing)
- http://www.malwaredomains.com/?p=3875
April 25th, 2015 - "A huge update with -1219- domains added. Many phishing domains from openphish but also some Bedep and Dyre domains (from arbornetworks virustotal) and some flagged by google safebrowsing..."

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 04.27.2015

FYI...

598 VBS Trojan, pharma, Andromeda, exploit domains
- http://www.malwaredomains.com/?p=3878
April 27th, 2015 - "Added -598- vbs.trojan.downloader. script.exploit. Andromeda. Pharma Spam domains from dwm.cc, joewein, spamhaus.org and others..."

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 05.01.2015

FYI...

Over 630 domains added
- http://www.malwaredomains.com/?p=3885
May 1st, 2015 - "Added over 630 pharma spam, fraud, phishing domains from dynamoo.com, joewein, spamhaus and others..."

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 05.02.2015

FYI...

458 Domains Added
- http://www.malwaredomains.com/?p=3887
May 2nd, 2015 - "Added 458 domains reported by google, joewein, openphish and other sources as malicious, fraud, spam or other badness..."

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 05.08.2015

FYI...

209 domains added
- http://www.malwaredomains.com/?p=3892
May 8th, 2015 - "209 domains added (pharma spam, phishing, malspam, etc) from openphish, phishtank, spamhaus and others..."

:fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 05.12.2015

FYI...

Recent Updates
- http://www.malwaredomains.com/?p=3894
May 12th, 2015 - "Added -198- domains on 5/8 and 187 domains on 5/11. Sources include joxeankoret, spamhaus, safeweb, and safebrowsing..."

:fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 05.28.2015

FYI...

Recent Updates
- http://www.malwaredomains.com/?p=3896
May 28, 2015
5/15 – 230 Domains
5/21 – 135 Domains
5/25 – 104 Domains

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 06.08.2015

FYI...

Recent Updates
- http://www.malwaredomains.com/?p=3902
June 8th, 2015
6/4 – 216 domains
6/7 – 158 domains
"Domains included: cryptowall, njrat, password stealers, andromeda, etc."

:fear::fear:

 

[AplusWebMaster]

Malware Domain Blocklist - 07.04.2015

FYI...

Immortal Malware Domains
- http://www.malwaredomains.com/?p=3909
July 3rd, 2015 - "'Immortal' Malware Domains are those which were identified as malicious anywhere between 90 and 360 days ago, but according to google safebrowsing, are -still- actively involved in badness. Some of these domains have been on the DNS-BH List for YEARS. We also added about 70 new domains to our list of long-lived “immortal” malware domains. The list is up to 4022 entries...
Note: this list is incorporated in the main list..."
- Latest updates: http://mirror1.malwaredomains.com/files/
05-Jul-2015 15:17
___

Recent Updates
- http://www.malwaredomains.com/?p=3911
July 5th, 2015 - "Added 270 Domains on 7/3 and 7/5. Please update your blocklists..."

:fear:

 

[AplusWebMaster]

Detecting Dynamic DNS Domains in Splunk

FYI...

Detecting Dynamic DNS Domains in Splunk
- http://www.malwaredomains.com/?p=3914
Aug 8th, 2015 - "From:
- http://blogs.splunk.com/2015/08/04/detecting-dynamic-dns-domains-in-splunk:
'Name a security breach or sample of malware in the last five years and you will come across a fairly common denominator: the malware (or the method of data exfiltration) used a “Dynamic DNS” hostname to connect to the Internet... The use of dynamic DNS providers for -malicious- purposes is extremely wide spread. OpenDNS Security Labs reported that over 56% of subdomains on some DDNS providers were malicious. Similarly, Cisco reported that dynamic DNS linked websites were 19% more likely to be malicious than other websites...'

Please let us know of any Dynamic DNS Domains not on the list and we’ll add them."

:fear::fear: