Malware Domain List

Malware Related => Malware Analysis => Topic started by: sowhat-x on December 07, 2007, 04:21:45 am

Title: Malware Analysis Blogs
Post by: sowhat-x on December 07, 2007, 04:21:45 am
"Quick reference bookmark" of all security/malware-related blogs mentioned around:
note also that quite a few of the following blogs also support RSS feeds.

Any other blogs/sites of similar content you might stumble upon,
don't just feel free to add them...feel obligated to do so:
knowledge and information should be free for all.
From time to time,submitted links will be 'moved' in the beginning of thread,
with appropriate credits of course to the people that made mention of them.  :)
============================================================

List Last Updated -> 01 Jan 2009
Credits go up to -> brewt , cjeremy , JohnC , tjs, sowhat-x, SysAdMini and UsAr  :)


zairon's Blog
http://zairon.wordpress.com/
Malware analysis,reverse engineering,cryptography...

teamfurry's MW-Blog
http://www.teamfurry.com/
...just scroll down the page,in order to get...a free haircut from toni :D
Make sure you also take a visit at his forum.

Edgar Bangkok's Blog
http://edetools.blogspot.com/
Malware hunter,some nifty tools in his blog also... ;)

DISOG
http://www.disog.org/
Plus...
http://www.disog.org/blog/
Digital Intelligence and Strategic Operations Group

SecureWorks Blog
http://www.secureworks.com/research/blog/
Plus...
http://www.secureworks.com/research/threats/

Websense Security Labs Blog
http://www.websense.com/securitylabs/blog/
Very nice malware analysis/reviews here also,
certainly one of the best blogs out there,
when it comes to analyzing recently found 'in-the-wild' malware.  :)

Arbor Networks Blog
http://asert.arbornetworks.com/
Excellent blog from the Arbor Security Engineering & Response Team (ASERT)...

Dancho Danchev's Blog
http://ddanchev.blogspot.com/
Articles regarding new malware/exploits found in the wild and security in general...

Spamhuntress' Blog
http://spamhuntress.com/
And a list of very useful tools in the wiki:
http://spamhuntress.com/wiki/Tracing_tools

Secure Science Blog
http://www.securescience.net/securescienceblog.html
Check out the papers/source code in the posts regarding GPCode and RansomWare.

Bharath M Narayan's Blog
http://bharath-m-narayan.blogspot.com
Looks for new rogues,malicious websites etc...

Evilcodecave's Weblog
http://evilcodecave.wordpress.com/
As the author says in the main page..."Just another RCE Weblog"  ;)
Here is his "Dark Cave" as well:
http://evilcry.netsons.org/

Jan Gerrit Göbel's Blog
http://zeroq.kulando.de/
Take also a note in his "Infiltrator" script,quite nifty tool... :)

RBNExploit Blog
http://rbnexploit.blogspot.com/
Keeping track in the current state of evolution of the Russian Business Network...

Matchent's Blog
http://matchent.com/wpress/
The author states..."Mostly about spam"... 8)

C.I.S.R.T. 's Blog
http://www.cisrt.org/enblog/
Chinese Internet Security Response Team here...

dxp2532 's Blog
http://dxp2532.blogspot.com/
Neosploit,Icepack,Mpack...and general other malware samples analysis.
Also the author of 'unhash',an open-source MD5/SHA1 hashes bruteforce tool...
http://freshmeat.net/projects/unhash/

Swatkat's Blog
http://swatrant.blogspot.com/
Malware,fake codecs,rogue apps in general etc...
Author of the SysProt rootkit detector also.

Flash's Security Blog
http://flashbladez.blogspot.com/
Fake codecs,sites with rogue apps etc...

TrustedSource Blog
http://www.trustedsource.org/TS?do=threats&subdo=blog
Check also the 'Storm Tracker' in their site...

DShield / SANS Diary
http://www.dshield.org/diary.html
http://isc.sans.org/diary.html
Internet Storm Center's blog... :)

m4v3rick100's Blog
http://maipiugromozon.blogspot.com/
Focuses in Gromozon and other malware as well...

'Push the Red Button' Blog
http://moyix.blogspot.com/
As he says...'Malware,encryption,reverse engineering,networking and other arcana'.
Author of CredDump,a port of 'CacheDump' under Python:
http://code.google.com/p/creddump/

SpywareGuide's Greynets Blog
http://blog.spywareguide.com/
From FaceTime Security Labs - malware,phishing,botnets and more...  :)

MNIN Security Blog
http://mnin.blogspot.com/
Michael Hale Ligh's Blog - "Coding, Reversing, Exploiting"...

Storm Binary Tracker
http://sudosecure.net/
cjeremy's site - tracking down the well-known malware...excellent work... ;)

SecurityZone
http://www.securityzone.org/
Steven Adair's Blog (from Shadow Server Foundation)

Dynamoo's Blog
http://www.dynamoo.com/blog/
Per official statement...'Spam, security, scams, spin and stuff'.

iAntiVirus Blog
http://blog.iantivirus.com/
Research involving viruses, spyware and malware on Mac OS X systems.

Abuse.ch
http://www.abuse.ch/
The Swiss Security Blog: written in German language,ie.use Google Translate etc...

Temerc's Blog
http://temerc.blogspot.com/
And the main site as well...(it also provides malware removal instructions):
http://temerc.com/

S!Ri 's Blog
http://siri-urz.blogspot.com/
From the author of the well-known 'SmitFraudFix' disinfection utility.

Security4all
http://security4all.blogspot.com/

ScanSafe STAT Blog
http://blog.scansafe.com/

s3c-watch Blog
http://s3cwatch.wordpress.com/

SRI Malware Threat Center
http://mtc.sri.com/
Make sure you check out the info provided under the "Data Analysis" tab:
Snort signatures are provided,ip addresses,various kinds of statistics as well...

MX Lab's Blog
http://blog.mxlab.be/
Per statement,"...an acquired taste for viruses and spam"...  ;D

Ilion's Blog
http://ilion.blog47.fc2.com/
Very nice work regarding tracking down infected sites,sql injections etc.
For Japanese-speaking people  ;)

PC Security Labs
http://www.pcsecuritylabs.net/
Good friends of ours  ;)
Jeffrey's personal blog as well:
http://www.pcsecuritylabs.net/jeffrey/

Gary Warner's Blog
http://garwarner.blogspot.com/
Per statement:"A Blog about Cyber Crime and related Justice issues"

'I Kill Spammers' Blog
http://ikillspammers.blogspot.com/

SecureBlog
http://www.secureblog.info/
Malware analysis,security articles etc / for Russian language speaking people.

'Spyware Sucks' Blog
http://msmvps.com/blogs/spywaresucks/default.aspx

Roger Thompson's Blog
http://thompson.blog.avg.com/
Blog from the Chief Research Officer at AVG - his previous blog as well:
http://explabs.blogspot.com/

Hosts News
http://msmvps.com/blogs/hostsnews/

Secure Home Networks' Blog
http://securehomenetwork.blogspot.com/

Ocean's InsecLab
http://inseclab.netsons.org/

Cedric Pernet's Weblog
http://bl0g.cedricpernet.net/
Both English/French versions available...

Web Robots Abuse Blog
http://web-robot-abuse.blogspot.com/
"Web robots are visiting sites to hack,spam,email harvest and to scrap your website content for profit.
This blog is an attempt to keep track of them and to help webmasters by listing the abuse in google."

RealSecurity
http://realsecurity.wordpress.com/
Analysis of malware, reverse engineering, etc

xpl0it Analysis
http://xanalysis.blogspot.com/
Dedicated to incident, exploit and malware analysis

CERT-LEXSI Weblog
http://cert.lexsi.com/weblog/index.php/en

FireEye Malware Intelligence Lab
http://blog.fireeye.com/research/

Marco Cova's Blog
http://www.cs.ucsb.edu/~marco/blog/
One of the authors of Wepawet

================================================

Blogs/sites related to JavaScript,PHP issues,browser bugs etc...

Gareth Heyes's Blog
http://www.businessinfo.co.uk/index.php

Jake Smith's Blog
http://www.thespanner.co.uk/

Ronald van den Heetkamp's Blog
http://www.0x000000.com/index.php
Check the 'Archive' for previous posts,they're listed in a very nice taxonomy...

GNUCitizen
http://www.gnucitizen.org/

XSSed Project
http://www.xssed.com/
"Zone-H" for...XSS attacks  ::)

================================================

Official blogs from AV/Security products' companies...

VirusList - Analyst's Diary
http://www.viruslist.com/en/weblog
Maintained by Kaspersky Lab's analysts...

F-Secure's Blog
http://www.f-secure.com/weblog/

McAfee Avert Labs Blog
http://www.avertlabs.com/research/blog/

Sophos' Blog
http://www.sophos.com/security/blog/

TrendMicro's Blog
http://blog.trendmicro.com/

ESET's Blog
http://www.eset.com/threat-center/blog/

Sunbelt's Blog
http://sunbeltblog.blogspot.com/

ThreatFire / ThreatExpert Blogs
http://blog.threatfire.com/
http://blog.threatexpert.com/
From the 'PC Tools' Advanced Research Team...

Prevx Blog
http://www.prevx.com/blog.asp

Finjan MCRC Blog
http://www.finjan.com/MCRCblog.aspx

Microsoft's anti-malware Blogs as well... ;)

Anti-Malware Engineering Team Blog
http://blogs.technet.com/mmpc
Their older page as well (not all articles/content has been moved yet):
http://blogs.technet.com/antimalware/

================================================

...the following aren't 'blogs',but the usual "good-old-design" websites...  :D

Peter Ferrie's Site
http://pferrie.tripod.com/
The personal site of the well-known virus analyst:
previously worked for Symantec,currently in Microsoft Corporation...
Has lots of virus analysis papers...  8)

Peter Szor's Site
http://www.peterszor.com/
The author of the "Art of Computer Virus Research and Defense" book:
lots of articles and papers in the "Research" area...

Offensive Computing
http://www.offensivecomputing.net/
The biggest public repository of malware samples.
Even more,the first site that "broke" the taboo of sharing malware samples in public,
thereby making them accessible to individual researchers...
Are you in the need of getting access to a specific sample?Here's your best chance... :)

VX Heavens
http://vx.netlux.org/
...by far the most widely known vx resource in the net,
along with the famous magazines of the 29A team...
http://vx.org.ua/29a/
Malware trends come and go,but most of the techniques already documented get recycled...

InDetails
http://indetails.info/
Frequently updated with newer stuff to read / for Russian language speaking people...

SpamWiki
http://spamtrackers.eu/
Excellent wiki,dedicated in tracking spammers' activity...
Title: Re: Malware Analysis Blogs
Post by: spywarebox on June 25, 2008, 04:32:22 am
Here is a security blog from Paretologic:

http://blogs.paretologic.com/malwarediaries

Authored by two members of our ParetoLogic S.W.A.T. team (Spyware Analysis Team), Malware Diaries gives you an inside look at what is going on in the world of spyware and malware and how to secure your computer and yourself from new and emerging online threats.
Title: Re: Malware Analysis Blogs
Post by: sowhat-x on June 29, 2008, 09:11:07 am
Metallica's Blog
http://www.pieter-arntz.info/wordpressblog/
Moderator over at CastleCops,Cexx,GeeksToGo etc...need to say more?  :)
Title: Re: Malware Analysis Blogs
Post by: Metallica on July 02, 2008, 07:11:28 pm
Metallica's Blog
http://www.pieter-arntz.info/wordpressblog/
Moderator over at CastleCops,Cexx,GeeksToGo etc...need to say more?  :)

Thanks.  8)
Title: Re: Malware Analysis Blogs
Post by: JohnC on July 11, 2008, 03:27:41 pm
Seems to mainly monitor Asprox
http://infosec20.blogspot.com
Title: Re: Malware Analysis Blogs
Post by: JohnC on July 22, 2008, 03:14:21 pm
http://www.spamzy.com
A blog regarding spam and rogue software.
Title: Re: Malware Analysis Blogs
Post by: JohnC on July 22, 2008, 05:27:22 pm
http://malwaredatabase.net/blog/
Title: Re: Malware Analysis Blogs
Post by: JohnC on August 02, 2008, 09:04:32 pm
http://bjou.homeunix.net/blog/
Title: Re: Malware Analysis Blogs
Post by: Serg on August 06, 2008, 04:02:26 pm
http://www.anti-malware-test.com/
Title: Re: Malware Analysis Blogs
Post by: JohnC on August 22, 2008, 08:41:29 pm
http://phreads.blogspot.com/
Title: Re: Malware Analysis Blogs
Post by: JohnC on September 07, 2008, 11:01:46 pm
http://malware-test-lab.blogspot.com/
Title: Re: Malware Analysis Blogs
Post by: amesdaq on September 10, 2008, 09:15:41 pm
Just a correction on this.

Quote
Websense Security Labs Blog
http://www.websense.com/securitylabs/blog/
Very nice malware analysis/reviews here also,
they're somehow related to SecureWorks mentioned previously...

We are not in any way related to SecureWorks other than the fact we work with various security researchers on some issues.
Title: Re: Malware Analysis Blogs
Post by: sowhat-x on September 10, 2008, 10:24:10 pm
Most probably at some moment I had mis-read something in some blog entry...  :-[
Obviously sorry for that,as this was my fault...fixed it  :)
Title: Re: Malware Analysis Blogs
Post by: JohnC on October 16, 2008, 05:47:51 pm
http://xanalysis.blogspot.com/
Title: Re: Malware Analysis Blogs
Post by: hzqedison on February 18, 2009, 12:34:34 pm
Kingsoft Internet Security Blog
http://blog.duba.net/
Title: Re: Malware Analysis Blogs
Post by: YoKenny on March 13, 2009, 12:35:40 pm
Kingsoft Internet Security Blog
hxxp://blog.duba.net/

Rated RED by SiteAdvisor
Title: Re: Malware Analysis Blogs
Post by: MysteryFCM on March 13, 2009, 01:14:52 pm
You sure about that? It's showing as unrated here;

http://www.siteadvisor.com/sites/blog.duba.net

Though its parent isn't as clean (2 x red downloads, 3 x yellow downloads);

http://www.siteadvisor.com/sites/duba.net
Title: Re: Malware Analysis Blogs
Post by: sowhat-x on March 15, 2009, 04:40:41 pm
Evil Fingers
http://evilfingers.blogspot.com

CA Security Advisor Research Blog
http://community.ca.com/blogs/securityadvisor/default.aspx

Attack Research Blog
http://blog.attackresearch.com/
From the Offensive Computing people...
Title: Re: Malware Analysis Blogs
Post by: carmen on March 30, 2009, 01:03:11 am
MiPistus Blog
http://mipistus.blogspot.com

Very good about malware research in Spanish  :-\. The version in English is evilfingers  ;)

Regards!
Title: Re: Malware Analysis Blogs
Post by: sowhat-x on April 01, 2009, 11:55:26 am
Frequency X
http://blogs.iss.net/archive/index.html
IBM Internet Security Systems' blog...
Title: Re: Malware Analysis Blogs
Post by: sowhat-x on April 07, 2009, 09:39:18 am
Aladdin AIRC Blog
http://www.aladdin.com/AircBlog/default.aspx
Title: Re: Malware Analysis Blogs
Post by: sowhat-x on April 10, 2009, 03:03:47 pm
Malware Web Threats' Blog
http://malware-web-threats.blogspot.com
Title: Re: Malware Analysis Blogs
Post by: RS-232 on April 16, 2009, 11:18:09 pm
Andrew Martin's Blog (formerly Real Security)
http://www.martinsecurity.net/

Web Security Weblog
http://www.web2secure.com/
Title: Re: Malware Analysis Blogs
Post by: RS-232 on April 28, 2009, 11:53:11 am
Rogue Antispyware Blog
http://rogueantispyware.blogspot.com/
Title: Re: Malware Analysis Blogs
Post by: extrexploit on May 09, 2009, 02:30:56 pm
Hello guys,

I have dissected some parts of conficker.e and I have started a sort of analysis for mebroot (torpig related, as is well known). If you are interested, check

http://extraexploit.blogspot.com

Regards and thank you for your attention.
Title: Re: Malware Analysis Blogs
Post by: JohnC on May 10, 2009, 04:56:15 pm
http://blog.s21sec.com/
Title: Re: Malware Analysis Blogs
Post by: JohnC on May 13, 2009, 12:14:00 pm
http://blackrep.blogspot.com
Title: Re: Malware Analysis Blogs
Post by: JohnC on May 18, 2009, 06:40:59 pm
http://www.martinsecurity.net/
Title: Re: Malware Analysis Blogs
Post by: JohnC on May 19, 2009, 03:32:44 pm
http://blog.unmaskparasites.com
Title: Re: Malware Analysis Blogs
Post by: JohnC on May 29, 2009, 01:29:59 am
A Spanish blog: http://mipistus.blogspot.com/
Title: Re: Malware Analysis Blogs
Post by: SysAdMini on June 03, 2009, 05:54:53 pm
Another Spanish blog: http://blog.segu-info.com.ar/
Title: Re: Malware Analysis Blogs
Post by: Evilcry on August 11, 2009, 03:25:51 pm
Hi,

my second blog: http://evilcodecave.blogspot.com

Regards,
Giuseppe 'Evilcry' Bonfa'
Title: Re: Malware Analysis Blogs
Post by: RS-232 on August 21, 2009, 07:22:26 am
Avast!'s Blog
http://blog.avast.com/

Threat Center Live Blog
http://threatcenter.blogspot.com/
Title: Re: Malware Analysis Blogs
Post by: SysAdMini on August 29, 2009, 03:21:50 pm
xchg.info
http://xchg.info

there is an article "Build your own Malware Sample DB" using MDL
http://xchg.info/?p=353

and maybe sowhat-x can explain to him how the Fast Entropy works on PEiD.  ;)
http://xchg.info/?p=323
Title: Re: Malware Analysis Blogs
Post by: RS-232 on August 30, 2009, 01:55:47 pm
Lol,i wouldn't really know that - i'm just the packers' collecting guy,making signatures and such - nothing more or less...  :)
Yet though - on the topic of python code/entropy calculation etc,someone might wanna check Roberto Perdisci's pages:
http://roberto.perdisci.com/publications/publication-files/Perdisci_Lanzi_Lee-PRL08-public.pdf
http://roberto.perdisci.com/projects/cpexe

//Edit//
...here's some C++ code as well for studying:
http://gynvael.coldwind.pl/?id=158
http://gynvael.coldwind.pl/?id=162
Title: Re: Malware Analysis Blogs
Post by: RS-232 on September 23, 2009, 10:47:32 am
Blast's Security Lab
http://www.sacour.cn/
Plus... (change date according to your needs,following are merely latest days' examples...):
http://www.sacour.cn/list/2009922.htm
http://www.sacour.cn/list/2009921.htm
etc etc...
Title: Re: Malware Analysis Blogs
Post by: RS-232 on September 23, 2009, 03:55:31 pm
Securelist
http://www.securelist.com/ru/analysis
http://www.securelist.com/ru/weblog
From Kaspersky AV (use Google Translate or similar services):
quite a lot more articles than the English-speaking equivalent of Viruslist.com...
Title: Re: Malware Analysis Blogs
Post by: RS-232 on October 08, 2009, 03:04:47 pm
EP_X0FF's Blog
From the author of Rootkit Unhooker,hosted over at rootkit.com:
http://rootkit.com/blog.php?user=DiabloNova
Title: Re: Malware Analysis Blogs
Post by: john_ on February 25, 2011, 11:28:43 am
Infos and some malware analysis :

http://cleanbytes.net
Title: Re: Malware Analysis Blogs
Post by: ahelpyguy on March 10, 2011, 09:35:23 am
http://research.zscaler.com/