ConnectWise-Software/ConnectWise-CRU

ConnectWise Cyber Research Unit Threat Feeds

This repository contains lists of threat intelligence discovered by the CRU using our internal sandbox built on top of the Perch platform or found while threat hunting. The CRU has been collecting this threat intelligence for years and using it internally at ConnectWise to assist with threat hunting and threat analysis. We use this intelligence daily, searching for these indicators in our customers' network data to find new threats and filter out false positives. This feed is updated daily.



Mozi Tracker

We see thousands of Mozi bots attempting to spread every month. The Mozi tracker is a CSV of all the Mozi URLs we've seen actively in use in the past 14 days.

Domains

This is a list of domain names that malware samples attempted to connect to when run through the CRU internal sandbox.

IPs

This is a list of IP addresses that malware samples attempted to connect to when run through the CRU internal sandbox.

Suricata

Suricata rules created by the CRU (mostly Stu).