ZEN

ZEN, the Spamhaus composite blocklist comprised of SBL, XBL and PBL. The Spamhaus Blocklist (SBL) includes IP addresses of devices that have been observed to be sending spam; that are hosting botnet C&C servers; URIs of compromised websites; IP addresses involved in email appending services; and domains and services that are advertised within spam emails. The Spamhaus exploit blocklist (XBL) comprises individual IP addresses of computers that have been observed to be involved in sending malicious email, rather than IP address ranges or networks.

RPZ

Based on its real-time threat intelligence, Spamhaus Response Policy Zones (RPZ) use domain reputation and IP reputation data to prevent computers from connecting to malware-hosting sites and botnet C&Cs. Acting as a DNS firewall, RPZ offers protection as soon as bad domains become active: minimising the window of opportunity for malware to compromise users’ devices, leak data, or otherwise harm your network and data assets.

BCL

Botnet operators use huge networks of malware-infected computers to distribute spam and ransomware; steal data; conduct phishing campaigns; and launch DDoS attacks. Botnet Controller Lists (BCL) is designed to block all such malicious IP traffic at the network edge. When installed on edge routers, BCL prevents malicious traffic from entering or leaving your network

ZRD

To protect users from clicking on links that take them to unknown, uncategorized domains that could be harmful, Spamhaus Technology has introduced a new Zero Reputation Domain (ZRD) service based on Spamhaus’ temporal data. ZRD automatically adds newly-registered domains to a blocklist, allowing you to protect your customers from receiving emails from new malicious domains.

PROTECTING MAIL STREAMS: Constantly Updated Protection


Phishing and malicious emails are still the most common methods used by cyber criminals to infect company networks with malware, trojans and ransoware.

Malware-infected computers, controlled by bot herders, add to the global spam problem and are regularly deployed in DDoS attacks by hacktivists and cyber criminals.

Mail system administrators need to block spam without preventing legitimate emails from being received. Network administrators want to protect bandwidth for business-critical processes without expending excessive resources on filtering out spam.

Organizations worldwide use Spamhaus DNSBLs to block the vast bulk of spam at the SMTP gateway, significantly reducing the time and cost of processing unsolicited and malicious email traffic.

Spamhaus DNSBL, ZEN, DBL, SBL, XBL, PBL, ZRD, DROP and eDROP are updated continuously. This arms ISPs, web hosts, network operators, mail service providers and telecom companies with real-time information about the origins of incoming emails and links contained within them: allowing them to block, accept or quarantine messages according to their own policies.

Incoming email sent from a DNSBL-listed domain or IP address can be blocked at the mail gateway or passed to a more granular filtering system. Best practice is to undertake staged filtering: first to remove obvious spam sent from known botnets and spammers’ IP addresses, followed by more meticulous analysis to identify emails containing malware or links to new websites that are controlled by spammers and cybercriminals.

Spamhaus Technology DNSBL datafeeds enable email service providers simply to remove the vast majority of spam before it gets anywhere near their customers' networks. False positives are extremely rare, which is why most of the world’s major email providers rely on these datafeeds, with 3 billion mailboxes protected worldwide.

IP Reputation for EMAIL

-
DROP and eDROP

The Spamhaus Do not Route Or Peer (DROP) advisory list includes IP address ranges that are known to have been hijacked by professional spammers and cyber criminals, or have been directly allocated to criminal organizations by a regional internet registry (RIR).

PBL

The Spamhaus Policy Block List (PBL) includes IP address ranges for end-user devices, such as home routers and smart TVs, from which email should never be sent.

SBL

The Spamhaus Block List (SBL) is a database of IP address ranges that are involved in distributing unsolicited emails

XBL

The Spamhaus Exploits Blocklist (XBL) is a comprehensive blocklist that is updated in near real-time

Domain Reputation for EMAIL

+
DBL

To help mitigate the risks created by users visiting bad domains and clicking on links in phishing emails, Spamhaus developed its Domain Block List (DBL) to provide near real-time protection for your network assets.

ZRD

To protect users from clicking on links that take them to unknown, uncategorized domains that could be harmful, Spamhaus Technology has introduced a new Zero Reputation Domain (ZRD) service based on Spamhaus’ temporal data. ZRD automatically adds newly-registered domains to a blocklist, allowing you to protect your customers from receiving emails from new malicious domains.

FAQ

+
IP and Domain Intelligence

Looking to protect networks, apps and platforms yourself? Malwarevision's raw security intelligence data allows developers and security companies to crerate custom datasets tailored to their own usage.

PROTECTING NETWORKS: The rise in global cyber crime exploits has increased the risk for all internet users


Spamhaus’ global team of security researchers constantly monitors spam traffic to identify domains and IP addresses that are linked to: spamming, phishing, botnets, DDoS, ransomware and other malicious activity. Our researchers know that new exploits can often be traced back to the same handful of botnet operators. Using this information, we can arm organizations with the ability to deflect connections from harmful domains and IP addresses.

Spamhaus constantly gathers temporal data on newly-registered domains and new email senders, looking for anomalous or adverse behaviour that indicates criminal activity. Malware samples are run in sandboxes to study how exploits work and Spamhaus researchers analyze the inter-relationship of data to discover where threats might be linked.

Spamhaus Technology’s constantly refreshed datastream provides system administrators, network managers and security practitioners with context on the origins and severity of the latest cyber criminal campaigns; and the ability to block harmful email and IP traffic at the network edge before it can do any harm. Our Response Policy Zones and Border Gateway Protocol feeds are also used to disrupt communication between botnet nodes and C&C servers, to prevent data egress from malware-infected devices.

Find out why our real-time threat intelligence is used by the world’s largest organizations and service providers to block malicious email and IP traffic and shield their networks from connecting to bad domains, before they can do any harm.

Security Solutions

-
DNS RPZ

In the worst case scenario, a user clicking on a phishing link could lead to complete compromise of the corporate network. Security professionals can mitigate this risk by using Response Policy Zones (RPZs) to block access to malicious sites by preventing the DNS from resolving to malicious domains and IP addresses. This protects users from visiting newly-registered malware dropper sites and bad IP addresses that pose a significant risk.

Spamhaus Technology Response Policy Zones use domain and IP reputation data from Spamhaus’ real-time threat intelligence data to protect users' computers from connecting to harmful sites as soon as the domains are registered and before they can compromise users’ computers and harm your network.Developed in collaboration with Deteque and ISC, Spamhaus Technology RPZ helps to prevent data loss by disrupting communications between C&C servers and infected botnet nodes on your network.

Use RPZs for phishing awareness. Rather than simply returning NX Domain, organizations can also use RPZs to improve security awareness by redirecting employees to a page warning of the dangers of visiting particular websites or clicking on links in phishing emails. This approach can be used to identify users who would benefit from training in how to spot and avoid clicking on phishing links and reinforces your organization’s technological defences with user education.

Spamhaus RPZs are updated up to every sixty seconds and only changes to the lists are broadcast, so that updates can be propagated to all domain name servers worldwide in a matter of seconds. This provides network administrators, security professionals and service providers with the most current threat intelligence to protect their networks from being compromised by people clicking on phishing links, or browsing untrustworthy sites. As soon as the new RPZs are propagated, your network users are unable to connect to listed domains and IP addresses: mitigating the threat from new malicious domains.

BGP Feeds

The BGPf includes the latest Botnet Controller Lists (BCLs), Do Not Route or Peer (DROP) Lists and extended DROP lists (eDROP): delivering almost instant updates to your edge router’s DENY table and preventing any communication with listed IPs. By taking just a few minutes to configure your edge router to peer with a Spamhaus BGPf router and a null route, you can provide your network with the most up to date protection against Botnets; phishing and external attacks on your organization’s servers.

BGPf provides an additional layer in your network security defences. Any routers within your network that are peered with the Spamhaus BGPf router will not be able to communicate with botnet C&Cs, preventing data egress and spamming from infected nodes on your network. Using BGPf, network managers can quickly and simply block communication with IPs involved in the most dangerous cybercrime and stop DDoS attacks in progress.

Threrat Intelligence Data

+
AuthBL

Botnets are often employed by cybercriminals to circumvent SMTP Auth: the security protocol that requires client machines to identify themselves to mailservers prior to being able to send or receive email.

BCL

Botnet operators use huge networks of malware-infected computers to distribute spam and ransomware; steal data; conduct phishing campaigns; and launch DDoS attacks. BCL is designed to block all such malicious IP traffic at the network edge. When installed on edge routers, BCL prevents malicious traffic from entering or leaving your network. he Spamhaus Botnet Controller List (BCL) is a specialised subset of the Spamhaus Block List (SBL) which contains single IP addresses of botnet command and control (C&C)servers.

Malware Domains

Cybercriminals rely upon domains staying online so that their command and control (C&C) servers can send instructions and updates to malware-infected computers and exfiltrate data from them.

eXBL

The Spamhaus extended eXploits Block List (eXBL) is a real-time database of raw and filtered feeds that provides additional information on hijacked IP addresses, including the timestamp of the last connection, the name of the botnet controlling infected nodes, the IP address and port number of the command and control server for some connections, the countries where compromised devices are located and the type of malware used to exploit devices. Spamhaus Technology makes eXBL available to selected security organizations and cyber incident response teams.

eDBL

If your organisation requires more fine-grained information on domains, wants to track a particular domain’s score over a longer period, or you would like to combine DBL with information from your own threat intelligence platform, then DBL is also available as an API: eDBL, allowing you to query the DBL engine.

Passive DNS

The internet works through a system of domain name servers (DNS) resolving queries from client machines. If a DNS resolver is unable to return a domain name from its cache, it sends a recursive request to other name servers: a situation known as a cache miss.

SPAMTrap Feeds

Spamhaus operates a number of automated spamtraps which gather information on IP addresses and domains that are sending mail to email addresses that are dormant; illegitimate; have never been registered; or contain typos.

FAQ

+
IP and Domain Intelligence

Looking to protect networks, apps and platforms yourself? Malwarevision's raw security intelligence data allows developers and security companies to crerate custom datasets tailored to their own usage.

Lorem ipsum dolor sit amet, consectetur adipisicing elit

sed do eiusmod tempor incididunt


Purus Tellus Tortor

80%

Ornare Euismod

70%

Egestas Cras Aenean

50%

Lorum ipsum dolor

90%

Downloads

-

2017-07-20 10:54:49 GMT
Protecting Data in the Healthcare Industry
Criminals focused on getting a financial return from cybercrime have identified a particularly attractive target: the healthcare industry. The industry has a set of characteristics that make it ideal for all kinds of cyber attacks, and it therefore finds itself under cyber attack from many vectors, including ransomware, malware and targeted attacks.

2017-05-15 15:54:49 GMT
Best practices for dealing with phishing and ransomware
Phishing and ransomware are serious problems that can steal or disable access to corporate or personal finances, sensitive employee data, patient data, intellectual property, employee files and other valuable content. Both ransomware and phishing attacks and their variants – spearphishing/whaling and CEO Fraud/Business Email Compromise (BEC) – are increasingly common and are having devastating impacts on businesses of all sizes.

2017-03-23 14:17:49 GMT
Response Policy Zones (RPZ) factsheet
RPZ is a powerful way to block malicious domains and is a highly effective tool in developing best practices across any enterprise.

2017-03-23 14:04:49 GMT
Annual Botnet Report
The Spamhaus Project report details existing and emerging cyber threats. In the past year, Spamhaus researchers issued listings for over 7,000 botnet Command & Control (‘C&C’) servers on more than 1,100 different networks.

2017-02-16 13:04:49 GMT
Email security: The Spamhaus approach
Spam is a problem that just hasn’t gone away. It’s evolved from resource draining ‘affiliate spam’ used to send high volumes of unsolicited marketing messages to the current state where cyber criminals use email to deliver targeted malware and ransomware. They are determined to steal data, commit fraud and exploit your networks. Cyber criminals rely on volume and velocity so real-time threat intelligence from Spamhaus, drawn from live sources across the internet, is your best, first line of defense.

Glossary

+
Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor, sunt aliqua put a bird on it squid single-origin coffee nulla assumenda shoreditch et. Nihil anim keffiyeh helvetica, craft beer labore wes anderson cred nesciunt sapiente ea proident. Ad vegan excepteur butcher vice lomo. Leggings occaecat craft beer farm-to-table, raw denim aesthetic synth nesciunt you probably haven't heard of them accusamus labore sustainable VHS.

Collapsible Group Item #3

+
Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor, sunt aliqua put a bird on it squid single-origin coffee nulla assumenda shoreditch et. Nihil anim keffiyeh helvetica, craft beer labore wes anderson cred nesciunt sapiente ea proident. Ad vegan excepteur butcher vice lomo. Leggings occaecat craft beer farm-to-table, raw denim aesthetic synth nesciunt you probably haven't heard of them accusamus labore sustainable VHS.
64

Statistics (Visitors)

50

Active Visitors

Evaluation Result

Drop us an email


we will respond your message in 24 hours of working day

Email sent !
Failed to send Email !

Recent Portfolio


About MalwareVision


Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book.It has survived not only five centuries, but also the leap into...