News: Cexx forums, with volunteers dedicated to helping you remove malware and stay protected
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
October 31, 2014, 04:36:22
Pages: 1 2 [3] 4 5 ... 31   Go Down
  Print  
Topic: Malware Domain Blocklist updated...  (Read 80535 times)
0 Members and 1 Guest are viewing this topic.
« Reply #30 on: June 07, 2010, 12:47:56 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

Urgent Block: google-analytics(dot)dynalias.org
- http://www.malwaredomains.com/wordpress/?p=1013
June 7th, 2010 - Please block google-analytics. dynalias. org.

Sources:
- http://www.symantec.com/business/security_response/writeup.jsp?docid=2010-060601-3020-99&tabid=2
Updated: June 7, 2010 1:56:30 AM

- http://phil-secu.over-blog.net/

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #31 on: June 09, 2010, 02:28:08 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

Scareware, trojan, exploit domains
- http://www.malwaredomains.com/wordpress/?p=1015
June 8, 2010 - "A bunch of new domains associated with scareware, exploits, trojans, etc. Sources: paretologic.com, www3.malekal.com, www.kvarcasvany.hu, ddanchev.blogspot.com and others..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #32 on: June 09, 2010, 13:41:05 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

Urgent Block: ww-dot-robint-dot-us
- http://www.malwaredomains.com/wordpress/?p=1017
June 9, 2010 - "ww(dot)robint(dot)us has been injected into over 111,000 IIS/ASP sites. Please add this to your blocklist ASAP (or refresh your zone file, as last night’s update included that domain) Sources:
- http://blog.sucuri.net/2010/06/mass-infection-of-iisasp-sites-robint-us.html
- http://nsmjunkie.blogspot.com/2010/06/anatomy-of-latest-mass-iisasp-infection.html
- http://isc.sans.edu/diary.html?storyid=8935 "

- http://boards.cexx.org/index.php?topic=17009.msg80958#msg80958

 Evil or Very Mad Evil or Very Mad
« Last Edit: June 09, 2010, 15:35:37 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #33 on: June 12, 2010, 08:27:45 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

many scareware, exploit, and rogue domains added
- http://www.malwaredomains.com/wordpress/?p=1025
June 12, 2010 - "Sources: ddanchev.blogspot.com, jsunpack.jeek.org, and others..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #34 on: June 15, 2010, 03:13:29 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

zeus, 8080, rogue domains... added
- http://www.malwaredomains.com/wordpress/?p=1034
June 14, 2010 - "Sources include: malwaredomainlist.com, malc0de.com, support.clean-mx.de, zeustracker.abuse.ch..."

- http://www.abuse.ch/?p=2568
May 17, 2010 - "... Arbor Networks... has added a fingerprint in their Peakflow product family to help Internet Service Providers (ISPs) and companies around the world to mitigate, protect and monitor malicious ZeuS C&C Botnet traffic within their Networks. The fingerprint provided by Arbor is being generated in cooperation with the ZeuS Tracker... If you are a network administrator and your company is runing Arbor Peakflow you just can activate the fingerprint using Arbor’s Active Threat Feed policies (ATF)."

 Exclamation
« Last Edit: June 21, 2010, 14:03:29 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #35 on: June 16, 2010, 02:26:03 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

fastflux, zeus, trojan domains added
- http://www.malwaredomains.com/wordpress/?p=1044
June 15, 2010 - "sources include secuboxlabs.fr, atlas.arbor.net, www.malwaredomainlist.com, zeustracker.abuse.ch..."

- http://atlas.arbor.net/summary/fastflux
"Fast flux hosting is a technique where the nodes in a botnet are used as the endpoints in a website hosting scheme. The DNS records change frequently, often every few minutes, to point to new bots... Currently monitoring 562 active fastflux domains..."

 Exclamation
« Last Edit: June 16, 2010, 02:35:34 by AplusWebMaster » Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #36 on: June 18, 2010, 17:19:38 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

dns-bh update: 145 new domains
- http://www.malwaredomains.com/wordpress/?p=1054
June 18, 2010 - "Sources include: secuboxlabs.fr, www.malwaredomainlist.com, support.clean-mx.de, ddanchev.blogspot.com..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #37 on: June 20, 2010, 17:35:18 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

fake video, exploit, rogue security domains
- http://www.malwaredomains.com/wordpress/?p=1058
June 20, 2010 - "Sources include: paretologic.com, malwaredomainlist.com, malc0de.com..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #38 on: June 22, 2010, 16:09:33 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

Urgent block: volgo-marun .cn & sicha-linna8 .com
- http://www.malwaredomains.com/wordpress/?p=1065
June 22, 2010 - "From cyberinsecure.com:
    The support site of leading Chinese PC manufacturer Lenovo has been compromised by unknown attackers who injected a rogue IFrame into the pages over the weekend. Security researchers warn that unwary visitors looking for drivers are exposed to several exploits that install the Bredolab trojan onto their computers.
    The IFrame points to an exploit kit hosted on a domain called volgo-marun. cn. After performing several checks to determine what vulnerable software they had installed on their computer, the visitors were served with exploits targeting older versions of Internet Explorer, Adobe Reader or Adobe Flash player... and receives commands from C&C server with domain sicha-linna8 .com "

 Evil or Very Mad
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #39 on: June 23, 2010, 01:26:38 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

128 new zeus, rogue, exploit domains
- http://www.malwaredomains.com/wordpress/?p=1067
June 22, 2010 - "128 new domains associated with exploits, zeus, rogue and other maliciousness..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #40 on: June 25, 2010, 01:42:00 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

Artro, asprox,zeus,rogue domains…
- http://www.malwaredomains.com/wordpress/?p=1081
June 24, 2010 - "Sources include: x.maldb.com, abuse.ch, m86security.com, secuboxlabs.fr..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #41 on: July 02, 2010, 09:06:01 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

20 new domains
- http://www.malwaredomains.com/wordpress/?p=1088
July 2, 2010 - "Quick update… 20 New domains..."


 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #42 on: July 05, 2010, 13:41:55 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

List Cleanup: 646 Domains Removed
- http://www.malwaredomains.com/wordpress/?p=1092
July 5, 2010 - "646 domains have been removed. Please let us know if any need to be readded. There were 31 domains added in July 2009 and, a year later, are still actively serving up malware (according to google safebrowsing)..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #43 on: July 07, 2010, 01:39:23 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI

138 new domains
- http://www.malwaredomains.com/wordpress/?p=1094
July 6, 2010 - "138 new domains, including some gumblar and “malvertising” domains. Sources include: mdl.paretologic.com, malc0de.com/database/, blog.unmaskparasites.com, stopmalvertising.com..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
« Reply #44 on: July 08, 2010, 07:01:51 »
AplusWebMaster Offline
Global Moderator WWW

Karma: 501
Posts: 8367



FYI...

Update: 246 harmful domains
- http://www.malwaredomains.com/wordpress/?p=1097
July 8, 2010 - "sources: securehomenetwork.blogspot.com, blog.unmaskparasites.com, www.freepcsecurity.co.uk, blog.dynamoo.com and others..."

 Exclamation
Logged

This machine has no brain.
....... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.
 
Pages: 1 2 [3] 4 5 ... 31   Go Up
  Print  
 
Jump to:  

Powered by SMF 1.1.20 | SMF © 2013, Simple Machines Page created in 0.272 seconds with 19 queries.