Category: News
OpenDNS to Host the No Big Thing (NBT) Conference
With BayThreat 2014 being cancelled, OpenDNS has offered to host the first day of the two day No Big Thing (NBT) conference. In a short time, the organizers of the event have had an amazing group of speakers, sponsors, and volunteers help organize a great hacker conference.
The event is currently at capacity but there is a waitlist that anyone can add themselves to.
The event includes two days of advanced information security presentations, food, drinks, and a hallway track for socializing. Starting Friday, December 5th at 2:00pm PST, OpenDNS opens its doors to kick off the conference at 135 Bluxome Street.
Schedule:
Friday, December 5th at OpenDNS (135 Bluxome St, San Francisco, CA 94107)
| Time | Speaker | Topic |
| 2:30-3:30 | Richo Healy | “Audible networking with Groundstation” |
| 3:30-4:30 | MainBoard | “point bREak : trolling BBS applications and users back in the 90s” |
| 4:30-5:00 | Jason Craig | “SIGINT isn’t just for the government anymore” |
| 5:00-6:00 | Speaker TBA | Topic TBA |
| 6:00-6:30 | Provided dinner break | |
| 6:30-7:00 | Ping Yan | “Applied statistics and machine learning techniques on in-app events” |
| 7:00-8:00 | Alex Pinto | “From Threat Intelligence to Defense Cleverness: A Data Science Approach” |
| 8:00-10:00 | Provided tacos and cerveses | |
| 10:00-? | Hosted party at bar TBA | |
Saturday, December 6th, the conference is being hosted at the Salesforce office (121 Spear St, San Francisco, CA 94105) starting at 10:00am.
| Time | Speaker | Topic |
| 10:00-11:00 | Kymberlee Price | “More Libraries! More Vulnerabilities! More Things!” |
| 11:00-12:00 | Morgan Marquis-Boire | “Eve, Mallory, and Jack Bauer: Real threats for RealPeople” |
| 12:00-12:30 | Ben Sadegh | “How bug bounty hunters do and don’t” |
| 12:30-1:00 | Provided lunch | |
| 1:00-2:00 | Wartortell | “The trials and tribulations of an APTmalware author” |
| 2:00-3:00 | John Menerick | “Breaking or Protecting the Internet’s BuildingBlocks” |
| 3:00-4:00 | TBA + break | |
| 4:00-5:00 | Dan Hranj and Josh Schwartz | “Red vs Blue” |
| 5:00-6:00 | Evan Booth | “MacGyveresque creative problem solving” |
| 6:00-8:00 | Provided dinner and drinks | |
| 8:00-10:00 | Hosted party at bar TBA | |
| 10:00-? | Cash Bar Crawl (check Twitter for location updates) | |
Each evening will have a hosted happy hour and dinner with an afterparty at a local bar. We hope to see you there!
Check out our the official Twitter account for the latest announcements: @nbtcon.
For directions to OpenDNS, please use the following map for a point of reference:
The post OpenDNS to Host the No Big Thing (NBT) Conference appeared first on OpenDNS Security Labs.
IRISSCon 2014 Recap
Last week we had the pleasure of speaking at the 6th Irish Reporting and Information Security Service Computer Emergency Response Team (IRISSCERT) Cyber Crime Conference (IRISSCon) in Dublin, Ireland. IRISSCERT is an independent, not-for-profit company, limited by guarantee, and founded in 2008 to provide a range of free services to Irish businesses and consumers in relation to information security issues to help counter the security threats posed to Irish businesses and the Irish Internet space.
In addition to presenting a talk on the threats facing Ireland’s corner of the Internet, we were also at IRISSCon to announce a data sharing partnership between IRISSCERT and OpenDNS. Visibility into emerging threats, as they are being staged, is a critical first step in staying ahead of Internet attacks and limiting their damage. We are pleased to be announcing this intelligence sharing relationship with IRISSCERT so they can use OpenDNS solutions for early detection, response, and remediation of threats in Ireland.
IRISSCERT will use OpenDNS Investigate to alert and protect Irish businesses and other organizations from malicious domains that are hosting malware, phishing sites, and botnet command-and-control (C&C) infrastructure. OpenDNS will use the threat intelligence data shared by IRISSCERT to support our ongoing research into malicious online activity around the world. The full press release can be found here.
The organizers informed us that the conference sold out (at roughly 300 people!). Not only did it sell out, but there was a lengthy waitlist to get in, with organizations and individuals calling on the day of to try and obtain “special” access.
Prior to the event, the conference speakers (myself included) got together for dinner, drinks, and lengthy discussions on the global security landscape – with a focus on Ireland and Western Europe. This was a pleasant change from the typical US-centric discussions we often encounter at North American security conferences. The craic was mighty.
For a one day conference, there were far too many great talks to call out. As you can see in the keynote by Paul Gillen, Head of Operations at @Europol_EU European Cybercrime Centre (EC3), the conference was very well attended.
In addition to the speaking portion of the conference, a well attended capture the flag (CTF) competition was run in the adjacent room. The winners, a group of students from the Institute of Technology Blanchardstown (ITB) in Dublin, had participated in previous years’ IRISSCON CTFs.
Oh, and did I mention the amazing food and drink?
Look for OpenDNS Labs at more EMEA events in 2015 as we continue to bring our global security platform to every corner of the globe. Also, if you would like to explore an information sharing partnership like the one we’ve established with IRISSCERT, please reach out to me directly at andrew.hay@opendns.com.
The post IRISSCon 2014 Recap appeared first on OpenDNS Security Labs.
Point of Sale Breach Timeline
If you’re like us you have a hard time remembering the point of sale (PoS) breaches that have occurred over the years. In an effort to simplify past public breaches, we have created a timeline that describes 59 distinct PoS-related breaches where the following were (or are believed to be) true:
- Malicious software was installed or a malicious actor gained unapproved access to the PoS system,
- Card holder information was, or could have been, exfiltrated from the organization, and
- The breach was reported via a publicized breach notification or by the media
The incidents were found through a combination of “intense Googling”, referencing various news outlets, such as KrebsOnSecurity and ThreatPost, and several breach databases including the VCDB VERIS Community Database and the OSF DataLossDB.
Looking at the data provided some interesting talking points.
For example, based on our research, the Fudruckers breach in 2002 may have been the first reported PoS malware-related breach. Also, out of all of the breaches we observed, the only businesses that went out of business as a direct result of a PoS malware infection were two Spicy Pickle restaurants in Kalamazoo, MI. (Readers, please correct us if we’re wrong…)
You can view the full timeline by clicking on the timeline image below:
This is not the complete list of PoS breaches to date. According to the 2014 Verizon Data Breach Investigations Report (DBIR), 198 total incidents were reported related to PoS intrusions. Unfortunately for us, Verizon doesn’t name victims in the report nor do they divulge client-specific information on any breaches handled by any of the DBIR contributors.
The DBIR team did, however, report that RAM scrapers have passed keyloggers as the most common malware associated with POS intrusions and that compromises take seconds or minutes (87 percent combined) to happen in POS attacks – with exfiltration happening within minutes of a compromise in 88 percent of breaches. Attackers, meanwhile, have free reign for weeks, in 85 percent of breaches before they are discovered.
Verizon also said that “Regardless of how large the victim organization was or which methods were used to steal payment card information, there is another commonality shared in 99% of the cases: someone else told the victim they had suffered a breach.”
We plan on treating this breach timeline as a living document. As such, if you have any additions or corrections, please let us know ASAP and we’ll update the data. Also, if you think a breach-to-variant comparison for the malware employed in each case would be of value, please drop us a line.
Photo Credit: gruntzooki via Compfight cc
The post Point of Sale Breach Timeline appeared first on OpenDNS Security Labs.