#onpatrol4malware Blog
Malware Patrol insights, research, and updates
Stay informed with the latest in cyber threat intelligence, malware trends, and industry insights. The Malware Patrol Blog offers expert analysis, practical advice, and updates on tools and tactics to help you strengthen your defenses and stay ahead of evolving threats.
Tor Exit Nodes: Risks, Monitoring, and Defensive Use
Tor exit nodes frequently appear in cybersecurity discussions, and for good reason. This post explains why they matter so you can decide if your security team should take a closer…
Malicious Domains: A Cybersec Foundation
Malicious domains are a foundational layer of threat intelligence and provide critical visibility into where attackers operate online.
Over 14,000 Ollama Instances Exposed to the Internet – Serious Security Implications
A recent scan conducted by the Malware Patrol team revealed over 14,000 Ollama instances publicly accessible on the Internet, opening…
The Evolution of C2 Communication: Custom TCP Protocols
Introduction: Command-and-control (C2, C&C or CNC) servers are used to remotely manage, control, and communicate with compromised systems within a network. They enable attackers…
Tunnel Vision: Looking Out for Malicious Tunneling Use
Tunneling services, also known as “ingress-as-a-service” offers, were originally designed to facilitate secure communication over untrusted networks. Over the past several years…
AWS Route 53 DNS Resolver Firewall
There are many security tools available, each serving a unique purpose in safeguarding your digital environment. Among them, the DNS firewall is one of the most effective and well-established...
Malware Patrol + Palo Alto Networks NGFW (PAN-OS)
Malware Patrol offers five Enterprise feeds formatted for use with Palo Alto Networks NGFW (PAN-OS). Customers choose the feed(s) that meet their needs: 1) DNS-over-HTTPS (DoH) Servers: This…
Honeypots: Simple Tools that Supercharge Cybersecurity
Staying ahead of malicious actors is a constant challenge. As threats continue to increase in complexity and sophistication, organizations must adopt innovative approaches to...
Finding the Best Threat Intelligence Vendor
Everyone in our line of business wants to be considered the best threat intelligence vendor. The task of gathering and producing top-notch cyber threat intelligence (CTI) is harder...
New OSINT Feeds: High Risk IPs – Risk Indicators – Tor Exit Nodes
Sharing is Caring To our industry’s credit, there are many good OSINT feeds and data sharing platforms. Even better, they are relatively easy to find. A simple Google search for
Malware Hashes and Hash Functions
An Introduction to Malware Hashes and Hash Functions: Malware hashes are found everywhere in our industry. And for a good reason. They very efficiently help identify malware samples.
MISP Project – A free & robust open source threat intelligence platform
The MISP project is a free open source threat intelligence platform (TIP) that stores, analyzes, and shares information about malware. It is co-financed by the European Union and a...
Threat Intelligence Providers vs Threat Intelligence Platforms
In information security, the ability to predict and adapt to the behaviors of criminals can help organizations improve defense strategies against cyber threats. We can do this through the
FortiSIEM Configuration Guide
Malware Patrol + FortiSIEM: Malware Patrol offers (5) Enterprise* feeds formatted for integration into FortiSIEM. This allows users to combine the quality of Fortinet's SIEM security platform...
pfSense Configuration guide
pfSense: The pfSense project is a free network firewall distribution based on the FreeBSD operating system with a custom kernel, and it also includes third-party free software packages for...
DNS Sinkholes: Detect and Protect
Bots don’t sleep, ransomware finds new ways to infiltrate systems and yesterday’s defenses may be ineffective tomorrow. Cybersecurity requires vigilance. But vigilance alone won’t
Avoiding Black Friday Phishing Scams
Black Friday is coming and threat actors are already surfing this wave of retail insanity. Not surprisingly, phishing remains an effective way to lure users into handing over their...
MISP Configuration Guide
MISP is a threat intelligence platform for gathering, sharing, storing, and correlating indicators of compromise of targeted attacks, threat intelligence, financial fraud...
Fortinet Configuration Guide
FortiGate NGFWs deliver industry-leading enterprise security for any edge at any scale with full visibility and threat protection. Organizations can weave security deep into the hybrid IT...
Mikrotik Router Configuration
Malware Patrol provides a Mikrotik-compatible version of our Malicious Domains and the Tor Exit Nodes data feeds. In this Mikrotik router configuration guide, you will find all the...
What is Ransomware?
Malware Patrol's CEO Andre Correa was recently interviewed by Dana Mantilia from Identity Protection Planning. They discussed the basics - and more - about ransomware: What is Ransomware? What...