Get In Touch
Last time I talked about how a proactive approach to defending against targeted threats using cloud-based recursive DNS and threat intelligence just makes sense. Taking this proactive approach early in the killchain can help mitigate known and unknown threats before any IP connection, file download or execution even happens. So, what are some of the common targeted threats and/or DNS-based techniques that we run across? We generally see malware, ransomware,
By now you've most likely heard about the WannaCry (a.k.a. WannaCrypt) ransomware that began wreaking havoc in parts of the world this past Friday (May 12, 2017). Given Nominum's, now part of Akamai, broad, deep view into DNS data from our service provider customers around the world, we were able to gather insights into how WannaCry made its way onto subscriber networks around the globe (see the WannaCry: views from
DNS-based DDoS attacks have gained mindshare among Akamai customers lately, most recently with last year's Dyn attacks (written about on the Akamai Blog here and here) and this week's attack against Cedexis. DNS infrastructure is a ripe target for malicious actors hoping to disrupt a digital property's availability because it provides the initial resolution for an end user's browser client from hostname to IP address. At best, an attack against
Excerpted from Nominum Spring 2017 Security Report In late April, we released the Nominum Spring 2017 Security Report, the latest report on our security research team's DNS and HTTP analysis which provides a comprehensive view of the current cyberthreat landscape. In the report, we take a look at "new core domains" and how they help us identify "zero-day attacks" so we can take steps mitigate them.
We all know what happens whenever anyone or anything tries to access a resource on the Internet. It all starts with a DNS request that translates a URL (www.akamai.com) into an IP address (22.214.171.124): Now if we dive a little deeper into the DNS request flow we can see the requester make a request to the recursive DNS infrastructure of either their ISP or their enterprise. In other words recursive
Inside the Mind of a CybercriminalThe rise of open source malware, IoT-based threats, and criminal services-for-hire is fomenting a new era in cybercrime. While global cybercrime is expanding and cybercriminals are stuffing their bank accounts, individuals and businesses (especially SMBs) are directly impacted. Many worry about the safety and security of their online experiences and what communication service providers (CSPs) are doing to protect them.
I recently sat down with Steve Saunders of Light Reading to talk about the role DNS plays in understanding and fighting emerging cyberthreats. In the interview, we went through the highlights of Nominum's, now part of Akamai, recent Data Science report, in which our Data Science team studied more than 15 trillion queries over a three-month period and reported on the world of cybersecurity through the lens of DNS, uncovering
With cyberthreats increasing in size and scope, businesses are scrambling to find new ways to protect their financial and human capital assets. Many enterprise solutions offer endpoint protection and network security, but the SMB sector doesn't have the budget to deploy enterprise security solutions and typically lacks the in-house expertise to keep their networks and users adequately protected. In particular, as employees bring mobile devices onto corporate networks, and with
One of the biggest cyberthreats making the rounds on the internet is the Mirai botnet. Mirai targets connected Internet of Things (IoT) devices, using each infected device to launch DDoS attacks and cause website outages around the globe by flooding them with queries. Examples of recent Mirai-generated web outages are the Dyn attack which took down or significantly slowed sites like Airbnb, Twitter, the New York Times, CNN, Fox News,