Akamai Diversity

The Akamai Blog

Lorenz Jakober

Lorenz Jakober

June 1, 2017 8:19 AM

20 Years of DNS Data Exfiltration: Why, How, and Wh ...

In the last few posts, I talked about why recursive DNS (rDNS) combined with threat intelligence makes for such a simple-to-deploy security solution that effectively mitigates and prevents advanced, targeted threats. Not to belabor the point, but the recent punycode phishing news makes the effectiveness of rDNS plus threat intel even more evident. Identifying punycode domains lexically through a combination of rDNS and threat intel is quite straightforward, either by

Akamai

Akamai

May 31, 2017 10:56 AM

Delivering a Safe, Reliable Internet to Canadians

The Domain Name System - the DNS - is the foundation of the internet. Beyond connecting IP addresses with web requests, DNS provides the basis for both the detection of and protection from global cyberthreats before they reach an organization's corporate network resources --particularly given that more than 90% of malware uses DNS for command and control. This presents a tremendous opportunity for service providers to utilize their DNS infrastructure

Arlen Frew

Arlen Frew

May 24, 2017 12:29 PM

Security as a Service for SMBs: How ISPs can Fill a ...

With cyberattacks affecting SMBs at an alarming rate, business owners are challenged with putting strong enough security in place to protect them from the average $20,000 price tag per incident. Ransomware, in particular, has hit the SMB sector hard. As stated in a recent study by Arctic Wolf Networks, last year saw a 433% increase in ransomware attacks against SMBs1 - a number that is expected to grow.

Avi Aminov

Avi Aminov

May 24, 2017 9:19 AM

Spotlight on Malware DGA Communication Technique

Written by Avi Aminov and Or Katz Overview Imagine you are standing in the middle of a crowded train station and want to have a private conversation with an old friend. You've been waiting for the perfect time to contact him and get some advice on how to move forward with some important life choices. But you couldn't wait any longer, and now you're on a train platform. There are

Lorenz Jakober

Lorenz Jakober

May 17, 2017 10:11 AM

What Are Domain Generation Algorithms (DGAs) And Why ...

Last time I talked about how a proactive approach to defending against targeted threats using cloud-based recursive DNS and threat intelligence just makes sense. Taking this proactive approach early in the killchain can help mitigate known and unknown threats before any IP connection, file download or execution even happens. So, what are some of the common targeted threats and/or DNS-based techniques that we run across? We generally see malware, ransomware,

Craig Sprosts

Craig Sprosts

May 15, 2017 4:36 PM

Taking a Defense in Depth Approach to Ransomware

By now you've most likely heard about the WannaCry (a.k.a. WannaCrypt) ransomware that began wreaking havoc in parts of the world this past Friday (May 12, 2017). Given Nominum's, now part of Akamai, broad, deep view into DNS data from our service provider customers around the world, we were able to gather insights into how WannaCry made its way onto subscriber networks around the globe (see the WannaCry: views from

Meg Grady-Troia

Meg Grady-Troia

May 11, 2017 3:12 PM

DDoS Attacks against DNS Infrastructure in the News

DNS-based DDoS attacks have gained mindshare among Akamai customers lately, most recently with last year's Dyn attacks (written about on the Akamai Blog here and here) and this week's attack against Cedexis. DNS infrastructure is a ripe target for malicious actors hoping to disrupt a digital property's availability because it provides the initial resolution for an end user's browser client from hostname to IP address. At best, an attack against

Yohai Einav

Yohai Einav

May 9, 2017 11:42 AM

From "New Core Domains" to "Zero-day Attacks"

Excerpted from Nominum Spring 2017 Security Report In late April, we released the Nominum Spring 2017 Security Report, the latest report on our security research team's DNS and HTTP analysis which provides a comprehensive view of the current cyberthreat landscape. In the report, we take a look at "new core domains" and how they help us identify "zero-day attacks" so we can take steps mitigate them.

Lorenz Jakober

Lorenz Jakober

April 26, 2017 12:40 PM

Recursive DNS - The Achilles Heel Of Advanced Threat ...

We all know what happens whenever anyone or anything tries to access a resource on the Internet. It all starts with a DNS request that translates a URL (www.akamai.com) into an IP address (104.97.77.24): Now if we dive a little deeper into the DNS request flow we can see the requester make a request to the recursive DNS infrastructure of either their ISP or their enterprise. In other words recursive