Point of Sale Breach Timeline

If you’re like us you have a hard time remembering the point of sale (PoS) breaches that have occurred over the years. In an effort to simplify past public breaches, we have created a timeline that describes 59 distinct PoS-related breaches where the following were (or are believed to be) true:

Malicious software was installed or a malicious actor gained unapproved access to the PoS system, Card holder information was, or could have been, exfiltrated from the organization, and The breach was reported via a ...

S4: IRespond Con Wrap Up

Last week we hosted our first all day security training and meetup event here at our beautiful new office location in San Francisco. We have hosted several meetups in the past but this one was geared directly at providing some training to the Incident Responders in the trenches. More than 200 people attend throughout the day and some even flew in from as far away as Paris for the event. Both the training presentations and the meetup presenters did a ...

What is up with Zeus GameOver ?

In late May 2014, the US Department of Justice, FBI, and several security companies carried out “Operation Tovar” aiming at dismantling the infrastructure of Zeus GameOver (we’ll call it oldGOZ), Cryptolocker, and the prosecution of actors identified to be behind the malware operations [1].

In early July, a new variant of GOZ (we’ll call it newGOZ) delivered via spam emails was detected by security researchers [2][3][4]. This new variant relinquished the P2P feature and resorted to using CnCs hosted initially on a known fast ...

S4 Incident Responder and Researcher Conference: Agenda

As a follow up to our previous post, the agenda for the S4 Incident Responder and Researcher Conference, being held at OpenDNS HQ on September 18th, 2014, is now finalized.

Training Sessions


Time Title Presenter 8:00 Breakfast and coffee (first talk 9AM SHARP!) n/a 9:00 – 11:00 Malware Analysis for Incident Responders Lenny Zeltser, The SANS Institute 11:00 – 13:00 Using Bro* Anthony Kasza, OpenDNS 13:00 – 15:00 Using Moloch Scott Floyd, Salesforce 15:00 – 17:00 IR 2.0 : Elastic Search, Logstash, Kibana (ELK) The folks at Elastic Search


Note: Lunch will be provided and available during the Bro session.


Evening Talks


Time Title Presenter 17:00 – 17:20 Measuring the ...

SemanticNet: A Python Library for OpenGraphiti


SemanticNet is a small Python library written to assist in the generation of data sets for the OpenGraphiti graph visualization tool. Because OpenGraphiti loads its graphs from a custom JSON representation of graphs, it is necessary to have a convenient way of generating the JSON graphs.

Thus, the purpose of SemanticNet is to provide a standard and easy mechanism to do this. The goal of this project is to make it easy to let the user focus on the semantics, rather than ...