OpenDNS Offers Security Researchers Free Service For Tracking Cybercrime, Cyberespionage

Published: 22/11/2024   Category: security



Red October, PayPal phishing campaign connection discovered via new OpenDNS service for researchers



KASPERSKY ANALYST SUMMIT -- San Juan, Puerto Rico -- An OpenDNS executive here today will announce that the DNS and security service provider is offering security researchers free access to its Internet and DNS traffic data and analysis. The idea is to provide researchers with a more global view of malware, botnets, and advanced threats rather than just a snapshot or slice of the activity.
Dan Hubbard, CTO at OpenDNS, says the so-called Umbrella Security Graph project is for security researchers, investigators, and educators to help them identify new information on existing attacks, as well as to discover new attacks. "It's based on our massive amount of data: It's the intersection of the big-data and data-mining movement in security," he says. Researchers can apply data with the project's contextual search engines and visualization, he says.
Security research over the years has been manually driven, he says. It's designed to help identify new information on existing attacks, attacks they didn't know about, and forensics on attacks and victims combined with other data attributed to the attacks.
Hubbard says the goal is more predictive security intelligence rather than always chasing after the bad guys.
OpenDNS used its Umbrella Security Graph to connect the dots in at least one aspect of the Red October targeted attacks revealed by Kaspersky Lab last month: "Some locations hosting the [Red October] command-and-control were also hosting a PayPal phish," Hubbard says. It's unclear whether the same group was behind both campaigns, but the find was yet another example of the intersection between traditional cybercrime and cyberespionage, he says.
"They've taken the code and repackaged it in some way," says Hubbard, who will demonstrate here today how the tool can find locations, domains, and other characteristics of Red October.
OpenDNS's Umbrella Security Graph is based on the DNS service provider's global network of 45 billion daily DNS query requests from some 50 million users worldwide. "It allows us to query data in very large and massive [volumes], and to combine it with algorithms and technologies that identify the attacks and then connect them together," he says.
Researchers must be authorized, vetted, and authenticated to use the free service, which is closed to the general public, he says. "Researchers can connect to our platform and query it like a search engine to look around for attacks," Hubbard says.
Harnessing a more global view of attacks is the Holy Grail for researchers today. A group of researchers from Northeastern University, Symantec Research Labs, Eurecom, and UC Santa Barbara recently built a prototype system for detecting botnets on a large scale and for finding previously unknown botnet C&C servers. The tool spots botnet activity over the Internet as a whole, rather than just within an organization, according to the group of researchers.
Aside from the Red October find, Hubbard also will demonstrate here how OpenDNS researchers used Umbrella Security Graph to drill down into the recently discovered Linux backdoor attack, and to inspect a botnet.