Skip to content

Releases: MISP/misp-warninglists

MISP warning-lists v2.4.142 released (first release to be inline with MISP core software)

26 Apr 09:18
v2.4.142
fe4e44b
Compare
Choose a tag to compare

v2.4.142 (2021-04-26)

New

  • GH workflow. [Raphaël Vinot]

  • Added covid generators / lists. [iglocska]

  • Added covid warninglist. [iglocska]

  • Added common warninglists. [iglocska]

  • [list] The Moz Top 500 Domains and Pages (#104) [Steve Clement]

    new: [list] The Moz Top 500 Domains and Pages

  • [list] Added Mozilla Top 500 domains. [Steve Clement]

  • [tool] Generate The Moz top 500 Domain list from https://moz.com/top500. [Steve Clement]

  • [disposal-email] added. [Alexandre Dulaunoy]

  • [disposal-email] a list of disposable and temporary email address domains. [Alexandre Dulaunoy]

    From https://github.com/martenson/disposable-email-domains

    Fix MISP/misp-taxonomies#136

  • [VPN] lists of common VPN IPv4 and IPv6 addresses added. [Alexandre Dulaunoy]

    Source of the IPv4/IPv6 is https://github.com/ejrv/VPNs

Changes

  • [warning-lists] updated. [Alexandre Dulaunoy]

  • [lists] updated. [Alexandre Dulaunoy]

  • [stackpath] host IPv6 addresses are without subnet. [Alexandre Dulaunoy]

  • [warning-lists] updated. [Alexandre Dulaunoy]

  • [update] run on all. [Alexandre Dulaunoy]

  • [public-resolver] revert to previous one as the source is dropping many known public resolver such as quad9. [Alexandre Dulaunoy]

  • [updates] updated warning-lists. [Alexandre Dulaunoy]

  • [warning-lists] updated. [Alexandre Dulaunoy]

  • [updated] warning-lists updated. [Alexandre Dulaunoy]

  • [warning-lists] updated. [Alexandre Dulaunoy]

  • [update] automatic update. [Alexandre Dulaunoy]

  • Add PR to GH actions. [Raphaël Vinot]

  • [doc] Travis removed. [Alexandre Dulaunoy]

  • [updates] updated warning lists. [Alexandre Dulaunoy]

  • [warning-list] updated. [Alexandre Dulaunoy]

  • Bump moz-top500. [Raphaël Vinot]

  • [update] misp-warninglists updated. [Alexandre Dulaunoy]

  • [schema] wildmask type added to prepare the merge into MISP. [Alexandre Dulaunoy]

  • [warning-lists] updated to the latest version. [Alexandre Dulaunoy]

  • Changed name to be displayed as warning and description. [chrisr3d]

  • Turned the regexes for audiovisual works into a single one. [chrisr3d]

  • [warning-lists] updated. [Alexandre Dulaunoy]

  • [warning-lists] updated. [Alexandre Dulaunoy]

  • [update] following changes + regular update. [Alexandre Dulaunoy]

  • [automatic updates] all warning-lists. [Alexandre Dulaunoy]

  • [automatic] updated. [Alexandre Dulaunoy]

  • [automatic] updated. [Alexandre Dulaunoy]

  • [tranco] updated. [Alexandre Dulaunoy]

  • [public-dns] updated. [Alexandre Dulaunoy]

  • [microsoft-azure] updated. [Alexandre Dulaunoy]

  • [tld] updated to the latest version. [Alexandre Dulaunoy]

  • [aws] updated. [Alexandre Dulaunoy]

  • [office 365] updated. [Alexandre Dulaunoy]

  • [office 365] updated. [Alexandre Dulaunoy]

  • [mozilla-intermediate-CA] updated to the latest version. [Alexandre Dulaunoy]

  • Chmod +x for new scripts in tools folder. [Kevin Holvoet]

  • [whats-my-ip] fix 152. [Alexandre Dulaunoy]

  • [jq] all. [Alexandre Dulaunoy]

  • [tranco10k] jq all the things. [Alexandre Dulaunoy]

  • [amazon-aws] updated to the latest version. [Alexandre Dulaunoy]

  • [microsoft-office365] updated to the latest version. [Alexandre Dulaunoy]

  • [covid] added covidmemory.lu. [Andras Iklody]

  • Update validate all. [Raphaël Vinot]

  • Add script to make lists unique, and sort the keys. [Raphaël Vinot]

    Update covid lists.

  • Covid lists bumped. [iglocska]

  • [covid] lists updated. [iglocska]

  • [whats-my-ip] Fix #139. [Alexandre Dulaunoy]

  • [covid] aatishb.com added due to https://aatishb.com/covidtrends/ [Alexandre Dulaunoy]

    (thanks to @doegox)

  • [covid] added Heliox_lab domain. [Alexandre Dulaunoy]

  • [covid] adding luxemburg's covid domains. [Jean-Louis Huynen]

  • [doc] updated readme with covid list. [Christophe Vandeplas]

  • [covid] added Portugal and Belgium. [Christophe Vandeplas]

  • [tranco] updated to the latest version. [Alexandre Dulaunoy]

  • [office365] updated to the latest version. [Alexandre Dulaunoy]

  • [cloudflare] updated to the latest version. [Alexandre Dulaunoy]

  • [aws] updated. [Alexandre Dulaunoy]

  • [cloudflare] updated. [Alexandre Dulaunoy]

  • [office365] IP addresses and domains updated. [Alexandre Dulaunoy]

  • [doc] wikimedia warning-list added. [Alexandre Dulaunoy]

  • [wikimedia] jq all the things. [Jean-Louis Huynen]

  • [university_domains] updated to the latest version. [Alexandre Dulaunoy]

  • [disposable] updated to the latest version. [Alexandre Dulaunoy]

  • [vpn] IP addresses updated. [Alexandre Dulaunoy]

  • [mozilla] CA list updated. [Alexandre Dulaunoy]

  • [empty-hashes] empty ssdeep hashes added. [Alexandre Dulaunoy]

  • [dax30] updated and fixed. [Alexandre Dulaunoy]

  • [alexa] Updated with the script in tools. [Steve Clement]

  • [moz500] Fix actual list. [Steve Clement]

  • [moz500] Added Pages too. Updated list. [Steve Clement]

  • [moz500] Added info how to regenerate, added provisional urls/files to topPages. [Steve Clement]

  • [security-provider-blogpost] version updated. [Alexandre Dulaunoy]

  • [doc] list of warning-lists updated. [Alexandre Dulaunoy]

  • [o365 ip] title of the warning list changed. [Alexandre Dulaunoy]

  • [o365 tools] fix title of the IP address warning list. [Alexandre Dulaunoy]

  • [o365] separate Microsoft Office 365 lists (hostname and IP addresses) [Alexandre Dulaunoy]

  • [o365] jq all the things. [Alexandre Dulaunoy]

  • [tools] alexa script fixed. [Alexandre Dulaunoy]

  • [alexa] updated to the latest version (seems to be back) [Alexandre Dulaunoy]

  • [tools] fix cisco script. [Alexandre Dulaunoy]

  • [cisco/umbrella top list] updated to the latest version. [Alexandre Dulaunoy]

  • [amazon-aws] updated to the latest version available. [Alexandre Dulaunoy]

  • [README] added university domains. [Alexandre Dulaunoy]

  • [doc] akamai network added. [Alexandre Dulaunoy]

  • [akamai] jq everything. [Alexandre Dulaunoy]

  • [doc] CRL list added. [Alexandre Dulaunoy]

  • [public-dns-v6] cloudflare dns added. [Alexandre Dulaunoy]

  • [public-dns-v4] cloudflare recursive dns added. [Alexandre Dulaunoy]

  • [amazon-aws] updated to the recent version. [Alexandre Dulaunoy]

  • [sinkholes] duplicate entry removed. [Alexandre Dulaunoy]

  • [sinkholes] added. [Alexandre Dulaunoy]

  • [doc] new lists added. [Alexandre Dulaunoy]

  • List of warning-lists updated. [Alexandre Dulaunoy]

  • Lists/microsoft-attack-simulator/list.json added. [Alexandre Dulaunoy]

  • Enforce type in schema. [Raphaël Vinot]

  • Remove exec flag on json files. [Raphaël Vinot]

Fix

  • Python 3.9 compat, take 2. [Raphaël Vinot]

  • Python 3.9 compat. [Raphaël Vinot]

  • Changed parsing algorithm to string, see #7c1de70. [Andras Iklody]

  • Sort entries. [Raphaël Vinot]

  • [schema] regexp added as supported type. [Alexandre Dulaunoy]

  • [alex] The generator wants to decode things ;) [Steve Clement]

  • [moz500] Fix the confusion about Moz.com and Mozilla.com (#107) [Steve Clement]

    fix: [moz500] Fix the confusion about Moz.com and Mozilla.com

  • [moz500] Fix the confusion about Moz.com and Mozilla.com. [Steve Clement]

  • [tools] Made python scripts executable. (#105) [Steve Clement]

    fix: [tools] Made python scripts executable.

  • [tools] Made python scripts executable. [Steve Clement]

  • Wrong file name in the scripts. [Raphaël Vinot]

  • Flienames of new warning lists. [Raphaël Vinot]

  • Common IOC warning list added. [Alexandre Dulaunoy]

  • Various fixes + add number of elements in each lists. [Alexandre Dulaunoy]

  • Perfect match is string ;-) [Alexandre Dulaunoy]

  • Reverse.it added to the list of dynamic malware analysis tools. [Alexandre Dulaunoy]

  • CIDR block added. [Alexandre Dulaunoy]

  • Public-dns-hostname not following schema. [Raphaël Vinot]

  • Resolver expressed as hostname removed. [Alexandre Dulaunoy]

  • Typo fixed for Travis. [Alexandre Dulaunoy]

  • Jq output to /dev/null - Travis. [Alexandre Dulaunoy]

  • JSON tests. [Alexandre Dulaunoy]

Other

  • Merge pull request #178 from Wiscy-Security/main. [Alexandre Dulaunoy]

    Added new warninglist for Stackpath CDN

  • Add stackpath to generate_all.sh script. [Kevin Holvoet]

  • Gave execute permissions to generate_phone_numbers.py. [Kevin Holvoet]

  • Created new Stackpath CDN IP list. [Kevin Holvoet]

  • Merge branch 'main' of github.com:MISP/misp-warninglists into main. [Alexandre Dulaunoy]

  • Merge pull request #176 from przemekzny/patch-1. [Alexandre Dulaunoy]

    Update list.json

  • Update list.json. [przemekzny]

    Added domains of PKO Bank Polski S.A.

  • Merge branch 'main' of github.com:MISP/misp-warninglists into main. [Alexandre Dulaunoy]

  • Merge pull request #173 from DocArmoryTech/patch-1. [Alexandre Dulaunoy]

    Added Neo23x0/ti-falsepositive warninglist

  • Corrected version number to one. [Cormac Doherty]

  • Jq all the things. [Cormac Doherty]

  • Added Neo23x0/ti-falsepositive warninglist. [DocArmoryTech]

    Neo23x0:Neo23x0/ti-falsepositive is a "hash generator for typical false positive hashes".

    This warninglist was generated using a modified version of the generator (see: DocArmoryTech:DocArmoryTech-mispwl)

    python3 ./fp-hashes.py > list.json

  • Merge pull request #172 from pettai/Fastly. [Alexandre Dulaunoy]

    Add Fastly IPs

  • Add Fastly IPs. [pettai]

    Add all Fastlys IP addresses

  • Merge pull request #170 from chrisr3d/main. [Alexandre Dulaunoy]

    Added a few more entries to the phone numbers warninglist

  • Add: A few more phone numbers regexes. [chrisr3d]

  • Add: Added regexes for the american fictitious numbers in the list. [chrisr3d]

  • Merge pull request #168 from chrisr3d/main. [Alexandre Dulaunoy]

    New warning list for unattributed phone numbers

  • Add: Added phone num...

Read more