The organization I work for uses Malicious Domain Blocking and Reporting (MDBR), which is a service provided by Center for Internet Security (CIS). MDBR technology prevents IT systems from connecting to harmful web domains, helping limit infections related to known malware, ransomware, phishing, and other cyber threats. (source) From what I gather this is a new tool and has been adopted primarily by government agencies.
Recently two major application libraries were identified as malicious content:
fonts.gstatic.com. Applications were in a broken state until we alerted our security team that there was an issue. Their feedback was essentially: We don’t have control over what is included on the MDBR block list. We trust CIS and if they are blocking there is a good reason for it.
Can anyone with experience with this security tool speak to the issue? Have you seen major assets be blocked by MDBR? If so, how did you remedy the issue? It is alarming that jQuery would be blocked. If it is a legitimate concern the entire programming/security community would be screaming. If it isn’t, why is it on the MDBR block list?