Hitting the Ground Running

April 8th, 2014 was a pretty exciting day for me.

After admiring OpenDNS as a researcher, and then as a customer, I officially began working at the company as Director of Security Engineering. For the prior 6+ years, I had been Director of Security Operations at Yahoo! having built a rock star team of security engineers.  I learned a lot there about scale, building resilient systems, and protecting user data. It’s refreshing to land in a place surrounded by like ...

When Suspended Domains Are Actually Targeted Attacks

Our models and manual investigations often uncover unlabeled domain names that are likely to be part of an infection chain – eventually leading to domains already known to be malicious.

During the first week of March, cdn11[.]net and cdn777[.]net were observed, before other domains, serving exploit kits.

Curiously, our DNS database didn’t have any information about these specific domains – and using a local DNS resolver offered no additional insight. The dnsws[.]net authoritative servers were apparently not answering any queries about these ...

CanSecWest Vancouver 2014 Report

A few weeks ago, Ping Yan and I went to Vancouver for the CanSecWest conference in order to present our talk entitled “Intelligent Use of Intelligence: Design to Discover”. Being accepted at this worldwide event, needless to say, we were pretty excited!

This article will give a short overview and a quick recap of all the speakers/events that caught our attention.

We left beautiful San Francisco on March 10th and went directly to our Vancouver office. The weather was sunny ...

Syria, Speculation, and Specifics

After being down for 6 hours and 40 minutes Syria is back on the Internet. According to the Director of the Syrian Communications Company, Bakr Bakr, the outage was due to a “breakdown in the optical fiber cable in Damascus Countryside” that affected the entire country. “The maintenance teams are working to identify the site of the breakdown,” said Bakr “[They will] fix it as soon as possible” according to a story by H. Said of the Syrian Arab News Agency.

What’s ...