<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2180921&amp;fmt=gif">

When hosts on your network are accessing newly-registered domains, there’s a good chance bad things are heading your way. So, you’ll want to know as soon as possible if this is happening.

New from Stamus Labs - a collection of newly-registered domains that could be used for phishing or to host and control malware.

 

Every day, the Stamus Labs team collects all newly-registered domains and identifies those which appear to be algorithmically-generated (high-entropy) and those which use typosquatting and homoglyph techniques to mimic popular legitimate domains (phishing).

 

We package these into six feeds optimized for SELKS and Suricata 7 users and make them available for FREE.

 

Want to learn more? Our team has created several additional resources on this topic:

Six different NRD feeds are available from Stamus Labs

Newly-registered domains (unfiltered)

These lists contain all domains registered in the last 14 or 30 days (2 separate lists). 

Newly-registered high-entropy domains

These lists contain the high-entropy domains registered in the last 14 or 30 days (2 separate lists). 

Newly-registered phishing domains

These lists contain the suspected phishing domains registered in the last 14 or 30 days (2 separate lists). 

Request a free license to the Newly-Registered Domain feeds

Complete the the form to the right, and you will receive an email from Stamus Labs with a License Key for the feeds and instructions on how to use them.

 

NOTE: You must supply a valid email address to receive your key.

 

Report Issues and Get Support for the NRD Threat Intel Feed

To access README documentation, issues tracker and the threat intelligence wiki, please visit our GitHub page here >>

To ask questions, answer questions, or simply listen in, join our Discord community here >> Discord Logo (black) PNG-1

Check out additional open-source tools from Stamus Labs

Below are a few of the many open-source tools developed and maintained by Stamus Labs.

StamusLabs_SELKS_Card

SELKS

Learn More
StamusLabs_Suri4Analysts_Card

Suricata for Analysts

Learn More
StamusLabs_SuriRuleset_Card

Lateral Movement Ruleset

Learn More
StamusLabs_SplunkApp_Card

Splunk App

Learn More

ABOUT STAMUS NETWORKS

Stamus Networks believes in a world where defenders are heroes, and a future where those they protect remain safe. As organizations face threats from well-funded adversaries, we relentlessly pursue solutions that make the defender’s job easier and more impactful. The global leader in Suricata-based network security solutions, Stamus Networks helps enterprise security teams know more, respond sooner and mitigate their risk with insights gathered from cloud and on-premise network activity. Our Stamus Security Platform combines the best of intrusion detection (IDS), network security monitoring (NSM), and network detection and response (NDR) systems into a single solution that exposes serious and imminent threats to critical assets and empowers rapid response. 

Indianapolis, USA Paris, France

Privacy

© 2014-2024 Stamus Networks, Inc. All rights Reserved.