Akamai Diversity

The Akamai Blog

Or Katz

Or Katz

January 19, 2018 1:33 AM

Gone Phishing For The Holidays

Written by Or Katz and Amiram Cohen Overview: While our team, Akamai's Enterprise Threat Protector Security Research Team, monitored internet traffic throughout the 2017 holiday season, we spotted a wide-spread phishing campaign targeting users through an advertising tactic. During the six week timeframe, we tracked thirty different domains with the same prefix: "holidaybonus{.}com". Each one advertised the opportunity to win an expensive technology prize - a free iPhone 8, PlayStation

AkamAI Research

AkamAI Research

January 17, 2018 12:55 PM

The Botconf Experience

By Yohai Einav, Amir Asiaee, Ali Fakiri-Tabrizi and Alexey Sarychev Originally Posted on January 4, 2018 Earlier this month we took our show on the road, presenting some of our team's work at the Botconf conference in beautiful Montpellier, France. We could talk here for hours about the food, wine, culture, etc., but it would probably be more plausible for our readers to learn about the current developments in the

AkamAI Research

AkamAI Research

January 9, 2018 6:57 AM

A Death Match of Domain Generation Algorithms

By Hongliang Liu and Yuriy Yuzifovich Originally posted on December 29, 2017 Today's post is all about DGA's (Domain Generation Algorithms): what they are, why they came into existence, what are some use cases where they are used, and, most importantly - how to detect and block them. As we will demonstrate here, the most effective defense against DGAs is a combination of traditional methods with modern machine intelligence.

Akamai InfoSec

Akamai InfoSec

January 4, 2018 3:40 PM

Impact of Meltdown and Spectre on Akamai

Overview On Wednesday, January 3rd, researchers from Google Project Zero, Cyberus Technology, Graz University of Technology, and other organizations released details about a pair of related vulnerabilities, dubbed Meltdown and Spectre. These vulnerabilities appear to affect all modern processors and enables malicious code to read sensitive portions of memory on nearly all systems, including computers and mobile devices. Akamai is aware of side-effects of "speculative execution", the core capabilities that

Mike Kun

Mike Kun

December 15, 2017 2:03 PM

Attack of the Killer ROBOT

On Dec 12th, 2017, researchers Hanno Böck, Juraj Somorovsky and Craig Young published a paper detailing an attack they called the Return Of Bleichenbacher's Oracle Threat (ROBOT)(https://eprint.iacr.org/2017/1189). This attack, as the name implies, is an extension of an attack published in 1998 (https://link.springer.com/content/pdf/10.1007%2FBFb0055716.pdf) that affects systems using certain implementations of RSA key exchange. Customers have voiced concerns about this threat and asked how Akamai can help. Customers that use Akamai

Akamai InfoSec

Akamai InfoSec

December 14, 2017 11:54 AM

Akamai, Mirai, & The FBI

Through the end of 2016, and throughout 2017, multiple Mirai-based botnets targeted multiple Akamai customers. The very first Mirai attack against Akamai was a multi-day barrage, weighing in at a peak of 620/Gbps that sent shockwaves across the Internet. The same botnet would go on to conduct several hard hitting attacks across the Internet and cause widespread outages. On December 13, 2017, the Department of Justice (DOJ) announced that multiple

Parag Pathak

Parag Pathak

December 5, 2017 9:00 AM

Retailers capitalize on mobile experiences to genera ...

The results are in, Black Friday and Cyber Monday broke all records in 2017 as the total revenue for these days exceeded $11.5 billion. Anticipating that more consumers would shop online, retailers invested in digital experiences and geared up for the holidays by (i) stocking fewer items in stores to reduce inventory costs and (ii) hiring few seasonal workers. Retailers' predictions were accurate, and their investment in digital experiences paid

Tommy Cormier

Tommy Cormier

November 8, 2017 8:14 AM

Layered Security Without the Layered Complexity

With the recent influx of news reports regarding security incidents, more Chief Information Security Officers (CISOs), Chief Information Officers (CIOs), and IT professionals are reviewing current security infrastructures, policies, and practices to identify potential weaknesses in their security posture. This has long been best practice, but with the progressive use of various attack and threat vectors now employed by malicious actors against businesses, this practice must be constantly in play

Parag Pathak

Parag Pathak

October 30, 2017 8:47 AM

Maximize security insights by integrating threat int ...

Since 2005, when Gartner coined the term, SIEM (Security Information and Event Management) solutions have grown in importance for the security industry. SIEM solutions provide a centralized view to easily access and analyze security information from multiple sources, and then prioritize mitigation efforts based on risk profiles. SIEM also helps organizations meet their security log analysis and incident/event reporting requirements.