Trojan? You mean like the Malware?

Welcome back, ladies and gents, to another installment of MalWTF101! Last month, I picked apart what a BotNet is (here’s a link for convenience). This week, I’m going to talk about one of the more classic trolls of the malware neighborhood. This particular style of malware has been around since about the 1980s and is still relevant to this day, as the trolls continue to find ways to trick you into downloading and enabling it on your computer. If you guessed ...

OpenDNS Labs Releases CRITs Service Module

Automated intelligence makes everyone’s lives easier. In the spirit of automated intelligence, OpenDNS Labs is pleased to announce the release of the OpenDNS service for the newly open-sourced Collaborative Research Into Threats (CRITs) tool by MITRE.

CRITs is an open source tool that brings digital investigation workflows to the masses. With a web front end backed by MongoDB, CRITs provides a central platform for analyzing malware, pcaps, emails, domains and most other artifacts related to an incident. One very powerful feature of ...

Gameover ZeuS Switches From P2P to DGA

Though Operation Tovar succeeded in temporarily cutting communication between Gameover ZeuS (GoZeus) and its command and control infrastructure, it appears now that GoZeus has migrated from using peer-to-peer communications to domain generation algorithms (DGAs).

According to research by our friends over at Malcovery, a “new trojan based heavily on the GameOver Zeus binary…was distributed as the attachment to three spam email templates.” In the report, several domains were identified as being the destination of the infected malware’s communications. The most active of the DGAs ...

Do you have a security blind spot?

There has been some press recently on what professionals are calling the “DNS Blind Spot”. The basic message is that of all the security tools, products, and technologies deployed, visibility into the DNS layer is the one that is most under-utilized. With the growing sophistication and frequency of threats, DNS provides an incredible opportunity to monitor, alert, and prevent some of the most nefarious threats from getting in – and contain them from getting out.

To get a sense of just how ...

The Security Internship

Note from Andrew Hay: This is a post written by OpenDNS Security Labs interns Kevin Bottomley and Skyler Hawthorne on their experiences working at OpenDNS.

Although neither of us has been working at OpenDNS for very long, the experience thus far has been very rewarding. We work at a company that serves as a gateway to the Internet for 50 million users daily and that allows us to bring in our ideas and concepts and implement them into the OpenDNS infrastructure.

Culture

The culture ...