Akamai Diversity

The Akamai Blog

Barry Greene

Barry Greene

August 22, 2017 1:22 PM

What makes a good "DNS Blacklist"? - Part 1

Reflections on Modern Actionable Threat Intelligence used to turn a DNS Resolver into a Critical Security Tool Akamai has just launched the Enterprise Threat Protection (ETP) platform. ETP is built on Akamai's global AnswerX Cloud that now reaches 28 countries and is expanding to new countries every month. As a new player in Cloud DNS resolver services, competitors will ask "why Akamai?" or "what gives Akamai the knowledge and capacity

Or Katz

Or Katz

July 12, 2017 2:11 PM

The Slippery Slope Starts with "Get 2 Free Airline T ...

Written by Or Katz and Raviv Perets A widespread phishing scam that offers free airline tickets has been spotted in the wild by Akamai's Enterprise Threat Protector (ETP) security research team. The campaign uses a number of social engineering techniques to trick people into providing their private information. When someone clicks on the link in the phishing email, they are taken to a dedicated website that tells them they have

Lorenz Jakober

Lorenz Jakober

June 27, 2017 7:10 AM

Akamai Launches New Solution to Help Enterprise Secu ...

Today, we are proud to introduce Akamai Enterprise Threat Protector (ETP). ETP is designed to provide customers quick-to-deploy and easy-to-manage cloud-based protection against the impact of complex, targeted threats such malware, ransomware, phishing, and DNS‑based data exfiltration. One organization already seeing the benefit of using Enterprise Threat Protector is innovator in cruise travel, Norwegian Cruise Line. According to Fidel Perez, the company's Director of Enterprise Architecture and Performance, "An important

Lorenz Jakober

Lorenz Jakober

June 13, 2017 8:29 AM

Advanced, Targeted Threats: What do They Mean for Yo ...

Too often, we are so focused on our day-to-day that we neglect to consider the bigger picture. I have been writing about recursive DNS and threat intelligence, Domain Generation Algorithms (DGAs), and DNS-based data exfiltration assuming that the vast majority of readers are familiar with the business impact of malware, ransomware, and phishing. Turns out, that isn't necessarily the case.

Lorenz Jakober

Lorenz Jakober

June 1, 2017 8:19 AM

20 Years of DNS Data Exfiltration: Why, How, and Wh ...

In the last few posts, I talked about why recursive DNS (rDNS) combined with threat intelligence makes for such a simple-to-deploy security solution that effectively mitigates and prevents advanced, targeted threats. Not to belabor the point, but the recent punycode phishing news makes the effectiveness of rDNS plus threat intel even more evident. Identifying punycode domains lexically through a combination of rDNS and threat intel is quite straightforward, either by

Avi Aminov

Avi Aminov

May 24, 2017 9:19 AM

Spotlight on Malware DGA Communication Technique

Written by Avi Aminov and Or Katz Overview Imagine you are standing in the middle of a crowded train station and want to have a private conversation with an old friend. You've been waiting for the perfect time to contact him and get some advice on how to move forward with some important life choices. But you couldn't wait any longer, and now you're on a train platform. There are

Lorenz Jakober

Lorenz Jakober

May 17, 2017 10:11 AM

What Are Domain Generation Algorithms (DGAs) And Why ...

Last time I talked about how a proactive approach to defending against targeted threats using cloud-based recursive DNS and threat intelligence just makes sense. Taking this proactive approach early in the killchain can help mitigate known and unknown threats before any IP connection, file download or execution even happens. So, what are some of the common targeted threats and/or DNS-based techniques that we run across? We generally see malware, ransomware,

Lorenz Jakober

Lorenz Jakober

April 26, 2017 12:40 PM

Recursive DNS - The Achilles Heel Of Advanced Threat ...

We all know what happens whenever anyone or anything tries to access a resource on the Internet. It all starts with a DNS request that translates a URL (www.akamai.com) into an IP address (104.97.77.24): Now if we dive a little deeper into the DNS request flow we can see the requester make a request to the recursive DNS infrastructure of either their ISP or their enterprise. In other words recursive