Authors: Or Katz, Principal Lead Security Researcher, Akamai; Raviv Perets, Senior Security Researcher, Akamai; Guy Matzliach, Security Researcher, Akamai. Introduction: Recently, we have seen large-scale botnets used to execute attacks rarely seen in the past. These botnets incorporate new features and have bigger capabilities. How do these botnets remain resilient to detection?
With high-profile security attacks occurring every day, organizations are more concerned than ever with cyber security. Many are going well beyond anti-virus protection and firewalls to adopt multiple layers of security such as intruder prevention systems, sandboxing, and secure web gateways. Yet most IT departments fail to protect the recursive Domain Name System (DNS). This oversight leaves valuable data and personal information on their networks wide open to attack by
Written by Asaf Nadler and Avi Aminov. Updated 2/14/19. After the initial publication of this blog post, Asaf Nadler and Avi Aminov wrote a paper on the detection of malicious and low throughput data exfiltration over the DNS protocol. The DNS protocol is a naming system for host machines and an essential component in the functionality of the Internet. The vast number of domains and subdomains on the Internet today
Provider networks continue to experience growth in traffic, which raises costs, without corresponding growth in revenues. Accommodating this growth and increasing complexity while managing costs is forcing CSPs to assess how they build and maintain their networks. Everyone agrees everything ultimately resolves to software and fortunately there's been considerable innovation that will support provider business imperatives.
DNS was first conceived in 1983, back when one of the most memorable movie quotes of all time was popularized: "Go ahead, make my day" (Clint Eastwood in "Sudden Impact"). The internet as we know it today did not yet exist; however, ARPANET, its predecessor network, was the exclusive domain of a small group of academics and researchers, so no one gave much thought to security. A lot has changed.
Background: Akamai Technologies recently contributed its "Serve Stale" DNS algorithm to Version 9 of the Internet Systems Consortium's (ISC) Berkeley Internet Name Domain (BIND) open source Domain Name System (DNS) project. As the Internet's most widely used DNS implementation, BIND operates ubiquitously throughout the Internet. The ongoing availability of answers from BIND servers is a critical element for the ongoing availability of the Internet for many users.
The cyber threat landscape is dynamic and accelerating. 2017 has already seen several large-scale ransomware attacks that crippled private and public organizations across the globe. More than 390,000 malicious programs continue to be registered every day.1 And significant data breaches have been reported since January, revealing the sensitive personal information of billions of customers to date.2 While it is estimated that cyber crime currently costs the
With IoT on the rise, consumers are rightfully afraid of privacy invasions. But infected devices can serve far more sinister purposes. Herewith, we break down the ways a botnet works.
We just conducted our monthly Cyber Insider discussion, this time focusing on what deep analysis of new core domains reveals about new threats and zero-day malware. As a company that processes 1.7 trillion DNS queries a day and analyzes 100 billion queries a day from our global service provider customers, we are in a unique position to gain insights.