malvertising,malicious js, bugat domains

Posted on April 29th, 2012 in New Domains by dglosser

Added 137 domains associated with google safebrowsing, malvertising, malicious javascript, etc. Sources include exposure.iseclab.org, safebrowsing.clients.google.com, stopmalvertising.com and others (all sources are listed in our domain.txt file.)

Compressed files are located at: http://www.malware-domains.com (full zone files, note the dash)  and http://dns-bh.sagadc.org/.  We also have a mirror dedicated to research and Open Source Projects – contact us for details.

* Please help to keep this site free and donate whatever you can:  All donations go to hosting and infrastructure costs.
* These malware block lists provided here are for free for noncommercial use as part of the fight against malware.   Any use of this list commercially is strictly prohibited without prior approval.
* Please use the “datestamp” and “timestamp” file to determine if the list has been updated and ONLY pull the files you need – abusers will be banned! Use wget -N”!
* Yearly sponsorships are available. Full acknowledgment, an icon, and link back to your site will be placed in the left sidebar.
* Domains.txt file is the complete list along with original reference. Justdomains contains list of only the domain names. BOOT file is in MS DNS format. Malwaredomains.zones file is in BIND format.  Also Available in AdBlock, ISA, and MaraDNS formats. A trusted source on the WOT-the Web of Trust . Used by SURBL, MOREnet, SANs, and others…

sqli: Block Njukol -dot – com

Posted on April 29th, 2012 in 0day,iframes,New Domains,sql injection by dglosser

We received a report that there’s  a sqli injection going on with  njukol . com/ r.php.  Please check your web sites and add this to your block or shun list.      Original Source: http://ilion.blog47.fc2.com/

Check your download scripts ASAP

Posted on April 29th, 2012 in Domain News,mirror by dglosser

Check your download scripts ASAP….

Too many users are STILL pointing to the main www site for the zone files, which have not been here for MONTHS…

PLEASE update your scripts to pull from one of the download mirrors. DO NOT point to the www (blog) site  as there is nothing to download.