Fighting against False Positives: List Sensitivity and Taxonomies
Since the inception of Apility.io the most recurrent question is ‘How can I fight against False Positives?’ and I must admit there is not an easy way. But let’s start for the beginning. What the hell is a False Positive and why is it so important?
New Domain Blacklist November 2018: CoinBlockerLists cryptomining domains
We incorporate a new domain blacklist: COINBLOCKER-DOMAINS. CoinBlocker is a collection of lists that can help prevent illegal cryptomining in the browser or other applications. Most cryptocurrencies are generated through the process known as “mining.” Much like traditional mining operations, these procedures require the use of energy and resources to complete a process which yields a financial reward. In the case of cryptocurrency mining, the energy required is electricity and computing power. Lurking behind the legitimate cryptocurrency mining community is another group of individuals and organizations that try to mine for crypto using illicit methods.
New IP Blacklist October 2018: IPCATV4-DC – Datacenter IP space
This month we have a new list that should not be considered harmful, but can help cybersecurity analysts and SecOps to find out if an IP can be malicious. The IPCATV4-DC is a list of IPv4 address that corresponds to datacenters, co-location centers, shared and virtual web hosting providers. In other words, IP addresses that end web consumers should not be using.
New IP Blacklist October 2018: CLEANTALK-ORG Forum Spam IP list
This month we are back with IP addresses of forum, blogs and comment site spammers. The CLEANTALK-ORG compiles a database of spam IPs and Emails Database. It allows blocking spammers or other malicious activity. It offers spam protection for forums, boards, blogs and sites.
New Domain Blacklist August 2018: AA419-ORG fraudulent domains
We incorporate a new domain blacklist: AA419-ORG. They offer a complete database of fake bank entries and companies. Advance Fee Fraud has been around, in various forms, for centuries. The basic technique is to convince a victim that they are going to receive a large reward in return for little or no effort on their part. Once the victim is ‘hooked’, the fraudster(s) will gradually reveal various fees that must be paid before the victim can access the fortune that they believe is waiting for them.
New IP Blacklist August 2018: SPYS-ONE anonymous proxy list
We continue with more blacklists with IP addresses of anonymous proxies. The SPYS-ONE free open proxy IP lists is a well-known source of free open proxies in the world. It classifies the proxies by protocol, country, level of anonymity, speed and uptime.
New IP Blacklist July 2018: IDCLOACK-COM anonymous proxy list
This month we have added a new blacklist with IP addresses of anonymous proxies. The IDCLOACK-COM free open proxy IP lists claim to be the largest database of free open proxies in the world. Each IP address and port number will route your internet connection to a proxy server in a remote location.
New Domain Blacklist June 2018: Steven Black hosts files
This month we add several blacklists to our repository of domains: The unified hosts’ files of Steven Black. Steven Black hosts files are known Host files you can use to overwrite your /etc/hosts file in your computer to avoid your naming services to resolve malware, adware, fake news, porn, gambling and social hostnames. It’s up to the user to decide what kind of blacklist want to use.
New IP Blacklist May 2018: TOP100-LATEST-IP and TOP100-1D-IP
This month we have two new IP blacklist slightly different from the lists we have published before: TOP100-LATEST-IP and TOP100-1D-IP. These new lists are the result of our BigData crunching processes over the hundreds thousands of IP addresses analyzed every day. You can visually see it on our IP addresses Blacklist Ranking page updated every hour.
New IP Blacklist April 2018: ALIENTVAULT, BOTSCOUT, BLOCKLISTNET-UA and more.
Here comes a good bunch of more malicious IP addresses lists into our databases. Here goes the details of the new IP Blacklist of April 2018: BOTSCOUT, TEAMCYRU-BOGONS, TOR-BLUTMAGIE, BLOCKLISTNET-UA, BITNODES-IO, BLOCKCHAIN-INFO, BBCAN117, IANA-BOGONS, ALIENTVAULT.
Automatic IP address quarantine: ban IP if domain or email is negative
If you have a SaaS service or you manage the registration system in a forum I am sure you are familiar with this problem: A user registers for the first time in your service, and for some reason decides to create not one, but multiple accounts. When he has consumed the trial period of one account, then he consumes the credit of the other accounts he created. This is the case for Automatic IP address quarantine.
New Domain Blacklist March 2018: SQUIDBLACKLIST
We incorporate a new domain blacklist: SQUIDBLACKLIST. Squidblacklist.org is a service for network administrators the highest quality domain blacklists available for effective, targeted inline filtering leveraging various content control applications and platforms, including Squid Proxy.
New IP Blacklist March 2018: BRUTEFORCEBLOCKER, SSLBL, UCEPROTECT, ZEUS
We have been incorporating more malicious IP addresses lists into our databases. Here goes the details of the new IP Blacklist of March 2018: BRUTEFORCEBLOCKER, SSLBL, UCEPROTECT and ZEUS.