Welcome and a (brief) introduction to the SoleraBlog

2011-10-06

This year, I shaved my head in support of the EFF, who themselves support the work of security researchers and analysts everywhere. See http://j.mp/mohawkcon for details.

Greetings, reader. My name is Andrew Brandt, and I’ll be one of the people contributing to this relaunched Solera Networks blog. I’m a security researcher and writer, and I enjoy breaking things – mostly in the world of computers, operating systems, and software, but I’ve been known to gut and scavenge electronic gizmos, as well – and hope you will join me as I proceed to make every day just a little harder, or worse, for cybercriminals.

Some of you may have followed my work when I was with Webroot, a cloud antivirus company. Prior to Webroot, I covered security for PC World, but discovered after a while that I preferred digging for my own stories through the bloated corpses of malware executables to waiting for them to come my way.

Solera Networks’ tagline appeals to my sensibilities as an investigative journalist. “See everything. Know everything” has clear advantages, but isn’t that just marketing jargon? What does it really mean?

In this case, it’s a software and hardware combination that, through its DeepSee interface, displays complete visibility into a network stream — even when that stream looks and behaves much more like a raging river. It captures, classifies, and (crucially) indexes into a rapidly-searchable database everything, and I mean everything, that crosses the wires, no matter how big the network or heavy the traffic.

There isn’t a malware worth mentioning that doesn’t spend at least some time phoning home to its controller, retrieving instructions, exfiltrating stolen data, retrieving malicious payloads or driving the computer into exploitative Web sites. We see it all, and it’s exhilarating to be able to find malicious activity so easily, and see exactly what it’s doing. Frankly, it’s so easy it feels a little bit like cheating, but I just don’t care.

I hope, during my time as the Director of Threat Research for Solera Networks, to continue my efforts to shine a spotlight on the activities of cybercriminal networks and the code they propagate out into the world. Worldwide notification about ongoing attacks has this funny tendency to stymie criminals’ ability to get their “jobs” done, and I’m all for ruining their day at least as much as they ruin the days of their victims.

You may also expect, in your time visiting this site, to see more evidence that, while there are a few truly expert criminal coders out there, the vast majority are a few (sometimes hilarious) cards short of a full deck. Let’s cheer on the cybershnooks – from here, as well as from Twitter (@SoleraBlog) and Solera Networks’ Facebook page – as they board the malicious activity short bus on their field trip into obscurity.
