Community
Help Protect Other Users
One of the most effective ways to help others in our community is to report phishing emails. Our tools scan and analyze your submissions every hour and add any newly found malware or phishing URLs to our lists right away. Below we have listed other ways to contribute to the Malware Patrol Project.
If you have an idea for partnering or sharing data that is not mentioned here, please contact us.
Report False Positives
We do our best to avoid false positives, but they may occur. If you believe something is miscategorized, send a message to fp (at) malwarepatrol.net and we will promptly investigate.
Send Us Your Feedback
Your feedback is valuable and much appreciated. Tell us what is working, what could be better, your needs and how we can improve. Send a message to us at support (at) malwarepatrol.net.
Set Up a Spam Trap
Forward the contents of your spam traps to [email protected]. If you need help setting one up, send an email to support (at) malwarepatrol.net.
Report Phishing Emails & Suspicious Content
Please forward suspicious URLs and suspected phishing emails to [email protected]. Feel free to share this email with others. Our automated system will extract dangerous URLs, and in no more than an hour, they will be visited and analyzed. If malware or a phishing website is found, the address will be added to our blocklists which are used by thousands. One submission can make a huge impact!
Cybersecurity Resources
Malware Patrol is grateful to the cybersecurity community members that create and curate content and IoCs to share with others. We also appreciate the organizations that host threat data exchange platforms to facilitate free access to community-sourced data. In this same spirit, Malware Patrol offers free non-commercial blocklists and publishes a variety of indicators daily on Alien Vault OTX.
Helpful Links
Below you will find a list of useful and noteworthy resources that our team has compiled during the course of their work. Due to the vast amount of information to which these links lead, Malware Patrol cannot ensure the accuracy of any content contained therein.
DDoS
8 DDoS Attack Trends To Watch For In 2020 (CRN)
Advanced DDoS Mitigation Techniques (NIST)
DDoS Attacks (Imperva)
Distributed Denial of Service (DDOS) Attack Mitigation (Identity-Theft-Scout.com)
How distributed denial of service attacks are evolving (CSO)
What is a DDoS Attack? (Cloudflare)
Malware
BinDiff and BinNavi Reverse Engineering Software (Zynamics)
Evasion Techniques Encyclopedia (CheckPoint)
Explained: Packer, Crypter, and Protector (Malwarebytes)
Free Malware Sample Sources for Researchers (Lenny Zeltser)
Malware Information Sharing Platform (MISP)
Malware Reports (SecureList)
Trickbot – An analysis of data collected from the botnet (GovCERT.ch)
What are exploits? (And why you should care) (Malwarebytes)
Why Domain Generating Algorithms (DGAs)? (TrendMicro)
Ransomware
Before You Pay that Ransomware Demand (Brian Krebs)
Free Ransomware Decryption Tools – AVAST
Free Ransomware Decryption Tools – CRYPTOSTOPPERS
Free Ransomware Decryption Tools – EMSISOFT
Free Ransomware Decryption Tools – HEIMDAL SECURITY
Free Ransomware Decryption Tools – KASPERSKY
A History of Ransomware Attacks (DigitalGuardian)
Ransomware Detection and Decryption Tools (VinRansomware)
Ransomware Listing (NJCCIC)
DNS
A Cartoon Intro to DNS Over HTTPS
DNS Privacy Frequently Asked Questions (FAQ) (InternetSociety.org)
DNS Response Policy Zone (RPZ) (Barry Greene/Vernon Schryver)
DNS Security (Part 1): Issues in DNS Security (TechGenix)
DNS Tools – Ping, Traceroute, DNS Lookup (DomainTools)
Phishing
6 Common Phishing Attacks (TripWire)
FTC Guidance for Handling Phishing Scams (National Law Review)
A Technical Demonstration of an Email Phishing Attack (Bsides Philly)
Typosquatting: Awareness and Hunting (SANS)
What is Phishing? (Phishing.org)
Research & Tools
10 Free or Low-Cost Security Tools (Dark Reading)
51 Tools for Security Analysts (WordFence)
ATT&CK for Industrial Control Systems (MITRE)
The Book of Secret Knowledge (@trimstray, Github)
Community Tools (Crowdstrike)
CSIRT Services Framework (FIRST)
Database Security Tools (Infosec Institute)
Online Security Classes (Open Security Training)
OSINT IntelTechniques (Michael Bazzell)
OWASP (OWASP)
SANS Investigative Forensic Toolkit (SIFT)
Security APIs (Alexander Jaeger)