Last Build Date: Wed, 18 Jan 2017 18:26:42 +0000
Wed, 18 Jan 2017 18:26:42 +0000
We’ve spotted a Remote Access Trojan (RAT) and are headed down into the unknown. In this blog post we’re going to examine some malicious infrastructure that we’ve found by pivoting through domains delivering and communicating with RATs. A RAT is malware that creates a back door to gain access to the target and its connected resources […]
Tue, 17 Jan 2017 21:00:52 +0000
Today, we’re excited to announce the availability of two new security categories for Umbrella: DNS tunneling VPN and Potentially harmful. DNS tunneling VPN: DNS tunneling is the ability to encode the data of other programs or protocols in DNS queries and responses. Anti-virus programs and security services use DNS tunneling to fetch signatures. But, not […]
The post Announcing two new security categories for Cisco Umbrella appeared first on OpenDNS Umbrella Blog.
Wed, 11 Jan 2017 18:03:30 +0000
Exploit Kits play an integral role in many of the attacks we see on a daily basis. In this blog post we show how we use our data in a novel way to uncover new components of the attack infrastructure and protect our customers earlier. Background: A race unfolds each time a new WordPress, Joomla, or similar web […]
Thu, 05 Jan 2017 16:22:01 +0000
As we begin our journey into 2017, many of us will take the opportunity to look back on how 2016 went. This time of year is conducive to self-reflection and introspection, learning from the past to prepare for the future. Though there were many incidents over the course of the past twelve months, none captured my […]
The post The Future is Here – Assaulting the Internet with Mirai appeared first on OpenDNS Umbrella Blog.
Thu, 22 Dec 2016 13:57:20 +0000
Over the past year, as cryptocurrency has steadily increased well past $800, OpenDNS Labs has been diligently tracking Bitcoin wallet phishing campaigns. With this most recent uptick in price, we have observed a rise this holiday season in phishing domains that aim to steal access to online wallets. This latest spike was very similar to the […]
The post New attacks on wallets and AdWords correlate with Bitcoin price surge appeared first on OpenDNS Umbrella Blog.
Mon, 19 Dec 2016 13:48:09 +0000
This blog post was authored by Jakob Dohrmann, David Rodriguez, and Jaeson Schultz. Intro: The Cisco Talos and Umbrella research teams are deploying a distributed hailstorm detection system which brings together machine learning, stream processing of DNS requests and the curated Talos email corpus. Talos has discussed snowshoe spam before. Traditional snowshoe spam campaigns are […]
Wed, 14 Dec 2016 21:04:55 +0000
Here at Cisco Umbrella, we have a culture and passion for giving back to the technical community. This has included projects such as: our free consumer OpenDNS service, our free Enterprise Premium DNS Service, Phishtank, DNSStream, BGPStream, DNSCrypt, and several other open source projects and data sources. With that, we are very excited to announce […]
Tue, 13 Dec 2016 13:23:49 +0000
The Network Security Lab at 360 provided evidence that the Mirai botnet has a built-in domain generator algorithm (DGA) feature. In this blog, we share some of what we learned about frequent traffic patterns of Mirai DGA domains. In brief: Mirai DGA domains may see up to 10K queries per hour. A frequent pattern is seen where Mirai DGA domains […]
Mon, 12 Dec 2016 18:57:25 +0000
At a young age, most of us were told, “don’t talk to strangers.” While the majority of people we encountered as kids were probably nice and friendly, avoiding all strangers kept us safe from those with bad intentions. It’s a great policy for kids, but not so great for enterprise security. Assuming every new domain […]
Wed, 30 Nov 2016 16:23:19 +0000
Ten things you didn’t know about the Umbrella roaming client. You may already know that the Umbrella roaming client is a small endpoint agent that provides on and off-network protection for Windows and Mac laptops. Here are ten other things you probably didn’t know! 1. It handles most internal domains automatically. The roaming client automatically sends […]
The post Ten things you didn’t know about the Umbrella roaming client appeared first on OpenDNS Umbrella Blog.