Five Things To Know About The Tesla Motors Compromise

As many of you have heard, Tesla Motors’ website was “hacked” on Saturday as well as its official Twitter account. The teslamotors.com website was redirected to a server hosted in Amsterdam. Within a few minutes, the account began sending tweets promising free Tesla cars to those who called a certain phone number, which belonged to a computer repair shop in Illinois, and was presumably tweeted out to flood the number’s owner with calls. Later that same day it was revealed that Tesla ...

“Operation Source” AAEH Botnet Takedown

“Operation Source” scored a win for the home team yesterday by taking down the AAEH botnet (also known as Beebone). This multi-organization effort (see the full list of organizations below) resulted in the domains associated with the botnet being sinkholed. This effort provides a window of time for the infection to be cleaned up before it receives new marching orders.

You can read more about the malware associated with this network in the US-CERT post or in the press release from ...

Finding Malicious Connections within Memory

The Importance of Memory Forensics

Information security practitioners know the benefits of examining multiple sources of system data. This is one of the cornerstones of the SIEM. By accumulating multiple sources of log data, a richer and fuller picture can be developed. I like to break down sources of security data into four categories:

system state, including memory contents, registry entries, logged-on users and more
system disk, including stored files and their locations, system or event logs and more
recorded network traffic ...

Solving the Honeynet Forensic Challenge – “Weird Python”

Two weeks ago I saw on Twitter that Thomas Chopitea and Maximilian Hils of The Honeynet Project were nice enough to create an online forensics challenge. I had a Sunday afternoon free and thought I’d give it a shot. I ended up completing most of the challenge. This blog serves as a walkthrough for my solution.

Network Forensics

I’ve talked about my approach to network forensics before and thought, “what better time to practice what I preach?”. First I read over ...

New Malware Attacks On The Threat Horizon

At OpenDNS Security Labs we thrive on continual innovation. We look at our extensive data collection network built on top of a very large security infrastructure and use this data to predict what’s coming next. We’re a team of world-class engineers, mathematicians, and security researchers, and we’re taking an innovative and proactive approach to security research. It’s often stated that being a DNS company puts us in a bleeding edge position from a security standpoint as we are able ...