ransomwaretracker.abuse.ch discontinued #184
Comments
|
+1 |
|
Does this mean that the Abuse.ch Ransomware tracker lookups in Graylog are no longer useful ? |
|
When they did not changed anything in the meantime, that it is not useful since Dec 8th, 2019 |
|
Had a look at the the API for urlhaus.abuse.ch and it seems like it might support something roughly like the ransomware URL data adapter, but I'm not sure there's a solution for the Domain and IP ransomware adapters. Discussing with the team about the best path forward for this issue. |
|
I have removed the abuse.ch plugin, rules, pipeline, and events/alerts from my setup, to save the wasted processing power and storage space. The rest of the GL userbase should probably be prompted to do so (be it via the notification system or in a future update). Also the blog entry on the GL website on the abuse.ch setup should probably get updated. Finally I think it would be better to treat the URLhaus integration separately as it has a different use case. |
Ransomware Tracker has been discontinued on Dec 8th, 2019
The Data Adadpter for abuse.ch ransomware Domains and IP gets no new food.
Expected Behavior
Use of URLhaus instead (https://urlhaus.abuse.ch/api/)
Current Behavior
ransomwaretracker.abuse.ch stops its service.
Possible Solution
Use of URLhaus instead (https://urlhaus.abuse.ch/api/)
The text was updated successfully, but these errors were encountered: