Title: Infoblox Threat Classification Guide  
Owner: Gary Leicht
Creator: Gary Leicht Aug 07, 2024
Last Changed by: Gary Leicht Jan 22, 2025
Tiny Link: (useful for email) https://infoblox-docs.atlassian.net/wiki/x/gwHTLg
BloxOne Threat Defense (3)
    Page: Security Activity Report
    Page: Summary
    Page: Threat Classification Guide
Outgoing Links
External Links (233)
    https://csp.infoblox.com/malware.dontneedcoffee.com/2014/09…
    www.spywaretechs.com/remove-trojan-chinad/
    tools.cisco.com/security/center/viewAlert.x?alertId=34999
    https://en.wikipedia.org/wiki/Heartbleed
    https://malpedia.caad.fkie.fraunhofer.de/details/win.agent_…
    https://threatpost.com/matsnu-botnet-dga-discovers-power-of…
    en.wikipedia.org/wiki/Virut
    www.scmagazine.com/pony-loader-20-now-steals-cryptocurrency…
    community.websense.com/blogs/securitylabs/archive/2010/10/1…
    malware.dontneedcoffee.com/2015/06/fast-look-at-sundown-ek.…
    https://threatpost.com/cridex-variant-geodo-part-trojan-par…
    sectools.org/tag/web-scanners/
    en.wikipedia.org/wiki/Spyware
    https://tools.ietf.org/html/rfc1918
    https://blog.malwarebytes.org/threat-analysis/2016/03/look-…
    https://www.ietf.org/rfc/rfc2544.txt
    en.wikipedia.org/wiki/Slenfbot
    https://www.johannesbader.ch/2015/02/the-dgas-of-necurs/
    en.wikipedia.org/wiki/Torpig
    www.prnewswire.com/news-releases/strains-of-mutant-malware-…
    blog.talosintelligence.com/2017/05/jaff-ransomware.html
    en.wikipedia.org/wiki/Domain_generation_algorithm
    www.darkreading.com/vulnerabilities---threats/stealthy-fobb…
    https://tools.ietf.org/html/rfc6598
    krebsonsecurity.com/2013/02/microsoft-symantec-hijack-bamit…
    https://www.proofpoint.com/us/threat-insight/post/magnitude…
    thehackernews.com/2016/02/ctb-locker-ransomware.html
    www.symantec.com/connect/blogs/rig-exploit-kit-used-recent-…
    www.remove-malware-tech.com/post/Useful-Guide-to-Remove-Dow…
    https://sentrant.com/2015/05/20/bedep-ad-fraud-botnet-analy…
    https://tools.ietf.org/html/rfc5737
    www.microsoft.com/security/portal/mmpc/shared/glossary.aspx
    threatpost.com/en_us/blogs/p2p-version-zeus-botnet-appears-…
    https://www.f-secure.com/v-descs/virus_w32_expiro_a.shtml
    https://www.sans.org/reading-room/whitepapers/malicious/lok…
    www.surbl.org/lists#cr
    https://hackerbits.com/programming/what-is-cryptojacking/
    https://tools.ietf.org/html/rfc5736
    searchsecurity.techtarget.com/answer/What-is-the-cause-of-a…
    en.wikipedia.org/wiki/Gameover_ZeuS
    https://www.us-cert.gov/ncas/alerts/TA15-105A
    www.dnsbl-check.info/
    https://www.treasury.gov/resource-center/sanctions/Programs…
    https://www.alertra.com/blog/2012/evil-domain-name-system-d…
    https://www.symantec.com/security_response/attacksignatures…
    en.wikipedia.org/wiki/Denial-of-service_attack
    www.vkremez.com/2017/07/lets-learn-in-depth-reversing-popul…
    https://www.sophos.com/en-us/threat-center/threat-analyses/…
    https://info.phishlabs.com/blog/not-notpetya-an-analysis-of…
    searchexchange.techtarget.com/definition/whitelist
    www.cisco.com/web/about/security/intelligence/virus-worm-di…
    https://security.rapiditynetworks.com/publications/2016-10-…
    www.trendmicro.com/vinfo/us/threat-encyclopedia/web-attack/…
    https://blog.malwarebytes.com/detections/ransom-globeimpost…
    www.bankinfosecurity.com/articles.php?art_id=3011
    https://www.cyber.nj.gov/threat-profiles/trojan-variants/az…
    https://tools.ietf.org/html/rfc1122
    https://en.wikipedia.org/wiki/Cryptocurrency_exchange
    https://github.com/iagox86/dnscat2
    https://www.welivesecurity.com/2017/10/24/bad-rabbit-not-pe…
    https://blog.malwarebytes.com/threat-analysis/2017/09/expir…
    https://krebsonsecurity.com/2016/10/who-makes-the-iot-thing…
    blog.trendmicro.com/trendlabs-security-intelligence/a-new-e…
    https://www.fidelissecurity.com/threatgeek/2017/07/emotet-t…
    www.computerweekly.com/feature/Web-Application-Attacks-Lear…
    https://threatpost.com/spammers-revive-hancitor-downloader-…
    www.microsoft.com/security/portal/threat/encyclopedia/entry…
    www.microsoft.com/security/portal/threat/encyclopedia/entry…
    https://blog.malwarebytes.com/threat-analysis/2018/01/gandc…
    https://en.wikipedia.org/wiki/CryptoLocker
    jpmorgan.com
    www.symantec.com/security_response/writeup.jsp?docid=2011-1…
    www.kaspersky.com/internet-security-center/threats/teslacry…
    https://www.cyber.nj.gov/threat-profiles/android-malware-va…
    google.com
    resources.infosecinstitute.com/popular-tools-for-brute-forc…
    community.websense.com/blogs/securitylabs/archive/2012/01/3…
    https://www.sophos.com/en-us/threat-center/threat-analyses/…
    www.techrepublic.com/blog/security/pushdocutwail-botnet-sec…
    https://krebsonsecurity.com/tag/betabot/
    https://en.wikipedia.org/wiki/Mining_pool
    https://info.phishlabs.com/blog/bartalex
    www.darkreading.com/attacks-breaches/its-%28already%29-baaa…
    www.webroot.com/blog/2012/05/10/cybercriminals-release-swee…
    searchsecurity.techtarget.com/definition/TDL-4-TDSS-or-Alur…
    https://www.owasp.org/index.php/Top_IoT_Vulnerabilities
    https://www.symantec.com/security_response/writeup.jsp?doci…
    https://www.trendmicro.com/vinfo/us/security/news/cybercrim…
    https://en.wikipedia.org/wiki/Mydoom
    https://www.isightpartners.com/2015/06/hawkeye-keylogger-ca…
    https://www.your-freedom.net/index.php?id=dns-tunneling
    https://blogs.forcepoint.com/security-labs/quantize-or-capi…
    https://www.enigmasoftware.com/razyransomware-removal/
    www.eset.com/int/about/press/articles/article/eset-uncovers…
    https://www.securitynow.com/author.asp?section_id=613&doc_i…
    www.malware-traffic-analysis.net/2019/04/02/index.html
    https://github.com/yarrick/iodine
    https://www.symantec.com/security_response/writeup.jsp?doci…
    blog.trendmicro.com/trendlabs-security-intelligence/the-tin…
    https://www.fireeye.com/blog/threat-research/2016/04/multig…
    blog.trendmicro.com/trendlabs-security-intelligence/trend-m…
    https://krebsonsecurity.com/2018/03/who-and-what-is-coinhiv…
    securelist.com/blog/research/64599/shylockcaphaw-malware-tr…
    https://www.isightpartners.com/2015/06/hawkeye-keylogger-ca…
    https://www.johannesbader.ch/2015/03/the-dga-of-dircrypt/
    https://en.wikipedia.org/wiki/Zeus_(malware)
    https://blogs.mcafee.com/mcafee-labs/styx-exploit-kit-takes…
    www.trendmicro.com/vinfo/us/threat-encyclopedia/web-attack/…
    https://securityintelligence.com/watch-out-for-corebot-new-…
    https://en.wikipedia.org/wiki/Technical_support_scam
    https://www.johannesbader.ch/2015/03/the-dga-of-pykspa/
    https://en.wikipedia.org/wiki/Sality
    https://www.checkpoint.com/resources/cerberring/
    https://exchange.xforce.ibmcloud.com/collection/Icedid-e1af…
    https://www.arbornetworks.com/blog/asert/mad-max-dga
    https://www.johannesbader.ch/2015/02/the-dga-of-banjori
    https://malwarebreakdown.com/2017/11/12/seamless-campaign-d…
    https://www.f-secure.com/v-descs/trojan_w32_trojan-clicker.…
    https://www.infoworld.com/article/3027195/security/protect-…
    https://www.sans.org/reading-room/whitepapers/dns/paper/335…
    https://en.wikipedia.org/wiki/Virut
    en.wikipedia.org/wiki/Avalanche_%28phishing_group%29
    en.wikipedia.org/wiki/CryptoLocker
    amazon.com
    searchmidmarketsecurity.techtarget.com/definition/network-s…
    www.informationsecuritybuzz.com/news/new-exploit-kit-archie…
    en.wikipedia.org/wiki/Shellshock_%28software_bug%29
    phishme.com/rockloader-new-upatre-like-downloader-pushed-dr…
    https://en.wikipedia.org/wiki/Internet
    https://www.symantec.com/security_response/writeup.jsp?doci…
    https://www.securityweek.com/ponmocup-botnet-still-actively…
    www.webopedia.com/TERM/X/XSS.html
    www.microsoft.com/security/portal/threat/encyclopedia/Entry…
    www.bleepingcomputer.com/news/security/padcrypt-the-first-r…
    www.trendmicro.com/vinfo/us/threat-encyclopedia/web-attack/…
    www.fbi.gov/news/stories/2011/november/malware_110911
    https://en.wikipedia.org/wiki/Tor_(anonymity_network)
    https://securityintelligence.com/shifu-masterful-new-bankin…
    https://blogs.infoblox.com/security/new-malware-variant-pro…
    https://en.wikipedia.org/wiki/Content_delivery_network
    www.cioreview.com/news/check-point-ends-dircrypt-menace-nid…
    https://www.f-secure.com/v-descs/worm_js_proslikefan.shtml
    www.thesecurityblogger.com/exploit-kits-101-how-a-typical-e…
    www.securityweek.com/malware-injected-directly-processes-an…
    https://blog.malwarebytes.com/threat-analysis/2017/04/sundo…
    https://tools.ietf.org/html/rfc3927
    https://blog.malwarebytes.org/threat-analysis/2012/06/you-d…
    https://en.wikipedia.org/wiki/Proxy_server
    www.csoonline.com/article/2911160/cyber-attacks-espionage/a…
    https://www.trustwave.com/Resources/SpiderLabs-Blog/PoSeido…
    www.microsoft.com/security/portal/threat/encyclopedia/entry…
    https://www.rsaconference.com/writable/presentations/file_u…
    https://zeustracker.abuse.ch/index.php
    www.trendmicro.com/vinfo/us/threat-encyclopedia/web-attack/…
    www.securityweek.com/new-ransomware-uses-gnupg-encrypt-file…
    www.kaspersky.com/internet-security-center/threats/torrentl…
    https://en.wikipedia.org/wiki/2017_Petya_cyberattack
    www.symantec.com/security_response/writeup.jsp?docid=2011-0…
    https://securityintelligence.com/ursnif-v3-emerges-targets-…
    www.spamfighter.com/News-13443-Botnet-Festi-Rising-Tremendo…
    https://en.wikipedia.org/wiki/Cryptocurrency
    searchsecurity.techtarget.com/definition/advanced-persisten…
    www.scmagazine.com/citadel-trojan-uses-child-porn-scare-to-…
    https://feodotracker.abuse.ch/
    www.theinquirer.net/inquirer/news/2329754/zeus-banking-troj…
    https://sentinelone.com/blogs/zusy-powerpoint-malware-sprea…
    www.microsoft.com/security/portal/threat/encyclopedia/entry…
    https://www.symantec.com/security_response/writeup.jsp?doci…
    https://securitytrails.com/blog/how-to-use-ns-records-to-lo…
    https://www.symantec.com/security_response/writeup.jsp?doci…
    securitywatch.pcmag.com/apple/296278-apple-patches-java-fla…
    en.wikipedia.org/wiki/Coreflood
    https://en.wikipedia.org/wiki/Ransomware
    www.enigmasoftware.com/kazytrojan-removal/
    https://blog.malwarebytes.com/threat-analysis/2014/10/expos…
    securityresearch.in/index.php/tutorials/how-to/unauthorized…
    https://malpedia.caad.fkie.fraunhofer.de/details/win.formbo…
    malware.dontneedcoffee.com/2014/06/cottoncastle.html
    www.securityweek.com/gozi-banking-trojan-campaigns-target-g…
    https://www.vmray.com/cyber-security-blog/gandcrab-ransomwa…
    www.pcworld.com/businesscenter/article/247252/spyeye_malwar…
    whatis.techtarget.com/definition/botnet-sinkhole
    stopmalvertising.com/rootkits/analysis-of-smoke-loader.html
    https://en.wikipedia.org/wiki/Brontok
    https://twitter.com/CryptoInsane/status/956803455833853952
    www.darkreading.com/security/client-security/217201422/rese…
    https://labs.vipre.com/dga-malware-usage-and-known-infectio…
    https://whitehatcheryl.wordpress.com/2017/01/29/update-zeus…
    https://www.cisecurity.org/malware-analysis-report-nemucod-…
    https://en.wikipedia.org/wiki/Netsky_(computer_worm)
    blog.spiderlabs.com/2012/05/a-wild-exploit-kit-appears.html
    https://www.fireeye.com/blog/threat-research/2017/05/dridex…
    searchsecurity.techtarget.com/definition/Mytob
    en.wikipedia.org/wiki/Proxy_server
    securityintelligence.com/multistage-exploit-kits-boost-effe…
    https://blogs.mcafee.com/mcafee-labs/beebone-update/
    www.trendmicro.com/vinfo/us/threat-encyclopedia/web-attack/…
    www.cisco.com/c/en/us/about/security-center/virus-differenc…
    https://www.gdatasoftware.com/blog/2013/05/23997-a-new-bot-…
    en.wikipedia.org/wiki/Rogue_security_software
    https://en.wikipedia.org/wiki/Spambot
    https://threatpost.com/mirai-fueled-iot-botnet-behind-ddos-…
    www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/mat…
    en.wikipedia.org/wiki/Conficker
    searchsecurity.techtarget.com/feature/Command-and-control-s…
    blog.kaspersky.com/neverquest-trojan-built-to-steal-from-hu…
    www.trendmicro.com/vinfo/us/threat-encyclopedia/web-attack/…
    antivirus.about.com/od/virusdescriptions/p/asprox.htm
    www.malwaretech.com/2013/12/peer-to-peer-botnets-for-beginn…
    blog.trendmicro.com/trendlabs-security-intelligence/attacke…
    https://www.incapsula.com/blog/malware-analysis-mirai-ddos-…
    https://www.proofpoint.com/us/what-old-new-again-nymaim-mov…
    https://en.wikipedia.org/wiki/SQL_injection
    https://help.rapid7.com/metasploit/Content/bruteforce-crede…
    www.welivesecurity.com/2012/12/19/win32spy-ranbyus-modifyin…
    en.wikipedia.org/wiki/Fast_flux
    www.armorforandroid.com/protection-center/threat/armor-troj…
    news.cnet.com/8301-1009_3-57443975-83/behind-the-flame-malw…
    https://blog.malwarebytes.org/intelligence/2012/06/you-dirt…
    https://thehackernews.com/2018/02/cryptocurrency-mining-thr…
    https://www.infoblox.com/wp-content/uploads/threat-intellig…
    https://en.wikipedia.org/wiki/Boleto
    https://phishme.com/kovter-ad-fraud-trojan-now-shipping-loc…
    threatpost.com/yahoo-removes-malicious-ads-redirecting-to-m…
    https://en.wikipedia.org/wiki/Tiny_Banker_Trojan
    blog.trendmicro.com/trendlabs-security-intelligence/whiteho…
    https://www.checkpoint.com/downloads/product-related/whitep…
    https://blogs.forcepoint.com/security-labs/trickbot-spread-…
    www.trendmicro.com/vinfo/us/threat-encyclopedia/web-attack/…
    https://resources.infosecinstitute.com/a-quick-guide-to-the…
    https://research.checkpoint.com/new-iot-botnet-storm-coming…
    https://www.proofpoint.com/us/threat-insight/post/panda-ban…
    https://www.us-cert.gov/nccic