Build from COVID-19 MISP Instance. https://twitter.com/MISPProject/status/1240935883920064512

Based on events with tag pandemic:covid-19="cyber"
Includes domain and hostname attribute type

blocklist_domain.csv : Only the attribute (domain, hostname) data
blocklist_full.csv : All details, including decaying score
blocklist_domain_fp_lowrisk.csv : Same as above, but for events with filter false-positive:risk=low
blocklist_fp_lowrisk.csv : Same as above, but for events with filter false-positive:risk=low


Source code, see: https://www.vanimpe.eu/2020/03/28/covid-19-blocklists/

============
============

Other blocklists
- Cyber Threat Coalition : https://blacklist.cyberthreatcoalition.org/
- DCSO feed : https://publicmisp.dcso.de/covidfeed/covid.csv
- https://1984.sh/covid19-domains-feed.txt
- COVID-19 CTI-Leaguue : https://github.com/COVID-19-CTI-LEAGUE/PUBLIC_RELEASE/blob/master/COVID-19-CTI-LEAGUE-PIHOLE-DOMAIN-BLACKLIST.txt

============
============

Whitelists
- https://raw.githubusercontent.com/MISP/misp-warninglists/master/lists/covid-19-cyber-threat-coalition-whitelist/list.json
- https://github.com/krassi/covid19-related

============
============

Lists monitoring COVID-19
- https://osint.bambenekconsulting.com/feeds/covid-master.txt

============
============

Threat reports
- https://www.riskiq.com/blog/analyst/covid19-daily-update/
- https://www.domaintools.com/resources/blog/free-covid-19-threat-list-domain-risk-assessments-for-coronavirus-threats

============
============

PIHOLE INSTRUCTIONS

1. Log into your PiHole admin console
2. Select "SETTINGS"
3. Select "BLOCKLISTS"
4. In the URL entry box type
         https://raw.githubusercontent.com/COVID-19-CTI-LEAGUE/PUBLIC_RELEASE/master/COVID-19-CTI-LEAGUE-PIHOLE-DOMAIN-BLACKLIST.txt
5. Select "SAVE AND UPDATE"
6. Test by using the "QUERY LISTS" feature under "TOOLS"

REMEMBER TO UPDATE YOUR PiHole LISTS by using 'pihole -g' or with a CRON job daily.

============
============