Akamai Diversity

The Akamai Blog

Recently by Or Katz

Or Katz

Or Katz

May 3, 2018 8:14 AM

Phishing in the Wild: A New Threat Research Paper

Phishing is an extremely common attack vector that has been used for many years, and the potential impact and risks involved are well known to most Internet users. Despite this, phishing is still a highly relevant attack method being used in the wild, affecting many people. The question is, how can a security threat continue to have a significant impact, even though many Internet users know about the risks and

Or Katz

Or Katz

January 19, 2018 1:33 AM

Gone Phishing For The Holidays

Written by Or Katz and Amiram Cohen Overview: While our team, Akamai's Enterprise Threat Protector Security Research Team, monitored internet traffic throughout the 2017 holiday season, we spotted a wide-spread phishing campaign targeting users through an advertising tactic. During the six week timeframe, we tracked thirty different domains with the same prefix: "holidaybonus{.}com". Each one advertised the opportunity to win an expensive technology prize - a free iPhone 8, PlayStation

Or Katz

Or Katz

October 19, 2017 4:00 PM

Fast Flux Botnet: Research Results

Just like that, another Akamai Edge has come and gone. If you were able to join us this year, I hope you had a chance to stop by my presentation on Threat Intelligence Insights: An In-Depth Analysis of a Fast Flux Botnet.

Or Katz

Or Katz

July 12, 2017 2:11 PM

The Slippery Slope Starts with "Get 2 Free Airline T ...

Written by Or Katz and Raviv Perets A widespread phishing scam that offers free airline tickets has been spotted in the wild by Akamai's Enterprise Threat Protector (ETP) security research team. The campaign uses a number of social engineering techniques to trick people into providing their private information. When someone clicks on the link in the phishing email, they are taken to a dedicated website that tells them they have

Or Katz

Or Katz

May 25, 2017 10:11 AM

Consuming Cyber-security: The Beginning of a New Era

Overview Can you imagine anyone buying a car without airbags and without seat belts? I bet you can't! So why is it that we buy computers without Antivirus software already installed, home routers without a firewall already installed or connected devices (IoT) that are lacking proper security controls?

Or Katz

Or Katz

January 26, 2017 10:11 AM

Improving Credential Abuse Threat Mitigation

Have you ever tried to login to your favorite website and mistakenly typed the wrong user name and password once, or even twice? I bet you have. And what about submitting a third consecutive false attempt? In most cases, at that point a secure website will start questioning the integrity of your actions. From a defense point of view, websites should suspend and limit false login attempts to confirm authenticity

Or Katz

Or Katz

January 5, 2017 9:55 AM

The Year of Attacking "Things"

Yearly Review 2016 was an exciting year; a year in which hazards related to the Intent of Things (IoT) became trendy small talk in many living rooms around the world. For us, the members of the InfoSec community, it was the year when the security risks of IoT devices evolved from being theoretical to becoming a practical problem to us all. It was the year in which we all realized

Or Katz

Or Katz

November 3, 2016 10:51 AM

Yes, My Name is ||

Boolean Operator Different cultures and nationalities have different naming conventions; I came from a one that led me to face the universe with a personal name "Or". I fact, my name has different meanings in different languages. In English the meaning of "Or" is function word that indicate alternatives and in computer coding languages the name "Or" is being used as Boolean operator that enable us to write conditions in

Or Katz

Or Katz

October 18, 2016 5:56 PM

Keeping an Eye on Credential Abuse Attacks

Akamai Edge conference is here and I'm really excited to share some of my insights and thoughts about credential abuse attacks in my session "Akamai Threat Research into Credentials Abuse". Credential abuse attacks become a common disturbing threat in recent years, a successful credential abuse attack campaign can result with a potential damage that include losing access and control over the accounts, data breach and even fraudulent transactions.