Akamai Diversity

The Akamai Blog

Recently by Or Katz

Or Katz

Or Katz

August 19, 2015 2:21 PM

The Real Story Behind Cheating Stories? Blackhat SEO

Search Engine Optimization (SEO) campaigns are prevalent and legitimate ways to promote web applications in order to get a better visibility and more traffic to your web application. But what happens when an SEO campaign crosses the line into the dark side and becomes malicious? Recently the Akamai Threat Research Team discovered a highly sophisticated SEO attack campaign that was promoting the search results rating for a web application

Or Katz

Or Katz

July 23, 2015 9:57 AM

How to Tell a Landscaper From a Thief

If I can see a person standing in front of a neighboring house inspecting the windows and the doors, should I call the police? Maybe it is the air-condition technician looking for the best place to install a new air-condition unit, or maybe it is a robber doing reconnaissance and checking what is the easiest way to get into the house. It is hard to tell! Now what if

Or Katz

Or Katz

May 29, 2015 6:17 AM

Mobilizing SQL Injection Attacks: Same Pig, New Lips ...

In the past years we have seen an increase in distributed attacks against web applications. By using many attacking resources to target the same destination, attackers are obscuring their identity while boosting attack bandwidth, placing a greater challenge to defensive forces. Most of the distributed attacks use "volumetric" methods such as Distributed Denial of Service (DDoS) or brute force techniques such as "slow and low" to attack web applications.

Or Katz

Or Katz

May 15, 2015 10:48 AM

OWASP AppSec Europe 2015

This Year AppSecEU will be hosted in Amsterdam, Netherlands 19 - 22 May and Akamai Threat Research Team will be on stage.

Or Katz

Or Katz

April 8, 2015 11:50 AM

Long Live the Botnet

Botnets are, in many ways, living organisms. They are formed by their creators - both malicious and benign - and then roam the internet. Much has been written about good and bad bots, but not much as been written about the lifecycle of the bot. Do Bots die? If so, when? What is the average life-span of a good bot? A bad bot?

Or Katz

Or Katz

January 7, 2015 12:00 PM

Cat and Mouse: Web Attacks Increasingly Sidestep WAF ...

Recently, the Akamai Threat Research Team unveiled a unique distributed brute force attack campaign targeting nearly five hundred WordPress applications. What's interesting about this campaign? It clearly demonstrates how Web attackers are becoming more sophisticated, attempting to evade security controls - specifically Web Application Firewalls (WAFs) and rate control protections. Continue reading on "The Security Ledger": https://securityledger.com/2014/12/cat-and-mouse-web-attacks-increasingly-sidestep-waf-protections/

Or Katz

Or Katz

April 15, 2014 3:00 PM

Cloudification of Web DDoS Attacks

Recent studies and reports show a dramatic increase in the prevalence of denial of service attacks in general, and application layer attacks in particular. As a result of this increase, DoS protection and mitigation solutions have evolved both on the technological side as well as in their ability to scale and protect against larger and more distributed attacks (DDoS).

Or Katz

Or Katz

January 6, 2014 11:30 AM

Analyzing a Malicious Botnet Attack Campaign Through ...

Two of the most prominent evolutions in the web application attacks landscape are scale and volume. Nowadays, attackers use tremendous amounts of computing resources such as those provided by cloud computing and botnets, in order to mount distributed large-scale attack campaigns over the Internet while keeping their identity hidden. From a security defense point of view, such attacks are a nightmare - they are much harder to detect and