Increased false positives - Internet Storm Center and OpenPhish
Incident Report for DNSWatch
Resolved
This incident has been resolved.
Posted Sep 23, 2020 - 16:42 EDT
Update
We identified another false positive on the OpenPhish feed yesterday.

A domain used in a content delivery network was erroneously added. The domain in question, responsys.net, is used by Oracle's Responsys marketing product and is safe.

We whitelisted this domain and it is no longer generating alerts.
Posted Apr 29, 2020 - 10:23 EDT
Monitoring
We have disabled the ISC feed and continue to audit the OpenPhish Premium feed.

We will continue to update this incident as we learn more.
Posted Mar 04, 2020 - 21:27 EST
Identified
Multiple benign domains have been erroneously blocked by DNSWatch recently, leading to an increase in false positive alerts.

The domains in question were added to either the Internet Storm Center or OpenPhish feeds. We are mitigating this issue by temporarily disabling the Internet Storm Center feed as well as further investigating OpenPhish.

We will continue to update this incident.
Posted Mar 04, 2020 - 11:21 EST
This incident affected: Blackhole.
Current Status Powered by Atlassian Statuspage