Feed

0Day: block wwwwyyyyy [dot] cn ASAP

Posted on December 10th, 2008 in New Domains by dglosser

Multiple sources have reported that there is a new exploit in the wild which was not patched by Microsoft’s latest set of patches.

Block ASAP:

wwwwyyyyy .cn
sllwrnm5 .cn
down .hs7yue .cn,
js.tongji.cn .yahoo.com
www.baikec .cn
www.laoyang4.cn
www.oiuytr .net
www.taisha .org

List will updated tonight but you should not wait….

Sources:

http://www.breakingpointsystems.com/community/blog/patch-tuesdays-and-drive-by-sundays

http://tools.cisco.com/security/center/viewAlert.x?alertId=17236

Over 100 new domains to add to your Blocklists

Posted on December 6th, 2008 in asprox,New Domains,rogue antivirus,spam by dglosser

Bad phishing domains, botnet domains, rogue antivirus, asprox and other domains you don’t want visiting your network. Sources include: ddanchev.blogspot.com, www.matchent.com, siteadvisor, threatexpert, and others:

0107 .es meeteingchristams .com
0175 .es meetwithyourfriends .com
0307 .es miteodemo .com
0secure .bz muchnude .mine .nu
10c0ka49t .com 2008-noadware-antivirus .com
murakamus .cn nanoantivir .com
27go .co .uk nanoantiviruscheck .com
2coxi8sb6 .com neegzlh35 .com
2j1f .net neeunt .com
42cert .asia no0k .com
51apps .gs nuclear3 .com
51exec .gs oirerbio .com
5nt29884j .com biznews .podzone .org
5nt5r3keh .com onlineservclass .com
6query .us oryitugf .com
7azwmrsg5 .com christmasclasses .com
8e9 .ne pdefzone .com
9batch .tk personal-defender .com
a725jv8ik .com personaldefender2009 .com
absoluts .org pn3ekq976 .com
adobeflash107 .com pro-scanner-online .com
adtctqypoa .com concours-accesd .com
anfelt .com q06ciwt60 .com
aspx37 .me rewinzie .com
baikec .cn sclassmeet .com
bgoryomek .com serveronlines .com
ole55 .us site60 .co .uk
page65 .tk sllwbd8 .cn
classmatesus .com stableclickz1 .com
classmts .com stgsfw7sr .com
prpoqpsy .com suspended-domain .ru
d8ri1iz5d .com terrimlo .com
daohang08 .com tgsfw7sr .com
defender-review .com updatemics .com
defender2009 .com updatemics1 .com
demovideons .com updatemicz .com
downloadcentrer .com meetclassns .com
usersoftware .in vps4 .picnato .com
fgpeinwq .com web1inst .com
findzproportal1 .com web2inst .com
fke5nnp8m .com web3inst .com
getsgd .com web4inst .com
gffsfpey .com downloadservers7 .com
whv67 .cn wwqwseed .com
zgynkmd .cn www-17173 .com
zgynkmu .cn www-onlinedown .com
zgynkmy .cn y171108 .com
ide92 .ws youblognews .net
ieenttio .com younewsblog .net
iloveeverybody .tj yourblognews .net
ioctl2 .jp yournewsblog .net
ipluginu .cn ypouaypu .com
ipowerwebz .mine .nu liveinternetstatistics .ws
j0rykafwn .cn louinda .net
jnlyf96v4 .com mediabspl .com
ki7wvgauf .com zp304ju3z .com
klassmanes .com goodmeetingsoon .com
linenetz .com googiesindication .com
historycleaner2009 .com ia-payment-pro .com

Contact us if you want to help us keep the Malware Domain Blocklist current.
Read this page if you want to report a false positive.
Domains.txt file is the complete list along with original reference.
Updates are located at http://www.malwaredomains.com/updates
The full files are located at: http://www.malwaredomains.com/files
BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.Also available in AdBlock, ISA, and MaraDNS formats!
Now a trusted source on the WOT-the Web of Trust!
Used by SURBL, MOREnet, and others…

List Cleanup: 120+ domains unlisted

Posted on December 2nd, 2008 in Domain News,Removed Domains by dglosser

Over 120 domains were removed,  either because they haven’t been active for more than two years or have been reevaluated as not associated with malware. Diff files are located in the files and updates directory.