CORR_Blocklist_IP

#corrblocklist_IP_MS-ISAC


#Chinese APT

#CyclopsBlink

#PrintNightmare 45.32.137.94 191.96.121.162 173.239.198.46 157.230.81.39

#Conti Ransomware 162.244.80.235 85.93.88.165 185.141.63.120 82.118.21.1

#SSH bruteforce

#RagnarLocker Ransomware

#Iranian Government-Sponsored APT 91.214.124.143 162.55.137.20 154.16.192.70

#SolarWinds Releases Advisory for Serv-U Vulnerability

98.176.196.89 68.235.178.32 208.113.35.58 144.34.179.162 97.77.97.58

#B1txor20 linux botnet IOC 179.60.150.23 194.165.16.24 198.54.117.244

[DynDNS.org]

Ponmocup. The malware powering the botnet has been around since 2006 and it’s known under various names, including Ponmocup, Vundo, Virtumonde, Milicenso and Swisyn. It has been used for ad fraud, data theft and downloading additional threats to infected systems. Ponmocup is one of the largest currently active and, with nine consecutive years, also one of the longest running, but it is rarely noticed as the operators take care to keep it operating under the rada


#Vidar Malware 95.216.181.231