Akamai Security Intelligence & Threat Research

Ryan Barnett

July 15, 2021 8:00 AM

Kaseya supply chain ransomware attack

On July 2, 2021, Kaseya disclosed an active attack against customers using its VSA product, and urged all on-premise customers to switch off Kaseya VSA. Shortly before this alert, users on Reddit started describing ransomware incidents against managed security providers (MSPs), and the common thread among them was on-premise VSA deployments. In the hours to follow, several indicators of compromise (IOCs) were released, and Akamai was able to observe some of

Amanda Fakhreddine

June 23, 2021 5:00 AM

SOTI Research: Gaming In A Pandemic

Welcome to the second edition of SOTI Research. In this edition, we look at the attacks and trends in the gaming industry during 2020. SOTI Research is a condensed, shorter version of our traditional State of the Internet / Security reports, offering focused data points and contextual awareness across a number of threat landscapes.

Samuel Erb

June 22, 2021 8:00 AM

NorthSec CTF 2021 Write Up: "Impurity Assessment For ...

This is a write up of a NorthSec 2021 CTF problem I solved with Allan Wirth (@Allan_Wirth) as part of team SaaS which finished in 3rd. It was an extremely creative problem to solve so I wanted to share it here. Notes: The strange name and prompt are medieval themed, as was the rest of the CTF. The .ctf links below will not work as the CTF was run on

Guest Blogger

June 21, 2021 9:00 AM

What a funny app I got here!

By: Aleksandra Blaszczyk

Introduction

When you hear the word "malware", the first thing that might come to your mind is a PC or laptop. You think about some weird advertising pop-ups or unrecognized processes running in the background. We tend to forget that our mobile device is also a small computer. This small computer is mostly used to text friends, check news, or even watch funny cat videos; and yet,

Larry Cashdollar

May 24, 2021 8:00 AM

Romanian Crypto Mining Infection

While examining my honeypot logs and digging through the newly downloaded binaries last week, I noticed a large compressed file. I figured it would be a crypto miner, typically a tar archive and gzip (normally erroneously) compressed. I moved the archive over to my test lab and started examining the contents.

Amanda Fakhreddine

May 19, 2021 5:00 AM

Now Launching: SOTI - Phishing For Finance

It's that time again -- the launch of the second State of the Internet / Security report of 2021. While Akamai has access to some of the largest security data sets in the world, our viewpoint is limited to the traffic that traverses our networks and is seen by our tools.

Martin McKeay

May 13, 2021 10:22 AM

Partnering with Verizon on the 2021 DBIR

Introduction

By the time you read this post, the 2021 Verizon Data Breach Investigation Report (DBIR) will be published. Akamai has been one of the many partners contributing data to this report for more than half a decade. We greatly value the time, effort, and dedicated data science that goes into providing this level of research to the security community. On a personal level, my excitement about this report may

Or Katz

May 5, 2021 8:00 AM

Two Years of Tax Phishing - The Oldest Scam in the B ...

Tax scams are some of the oldest scams in a criminal's book, and they're highly attractive to criminals for many reasons. The most obvious reason is the potential financial gain of a successful scam. Successful scams can lead to the compromise of sensitive information, resulting in identity theft or fraudulent activity.

Steve Ragan

April 6, 2021 8:00 AM

Tax Season: Criminals Play the Numbers Game Too

Criminals love tax season. The stress and urgency surrounding this time of year makes the victim pool highly vulnerable to various types of schemes. In addition to phishing, tax season is also the time of year when criminals focus their efforts towards other types of attacks including Local File Inclusion (LFI), SQL Injection (SQLi), and credential stuffing.