Akamai Diversity

Akamai Security Intelligence
& Threat Research

Daniel Abeles

Daniel Abeles

January 20, 2020 9:00 AM

Abusing the Service Workers API

The Service Worker web API is a powerful new API for web browsers. During our research, we have found several ways attackers can leverage this API to enhance their low-to-medium risk findings into a powerful and meaningful attack. By abusing this API, an attacker can also leave his footprint in the victim's browser and potentially leak sensitive information. By the end of this post, you will have the basics

Akamai

Akamai

January 13, 2020 12:00 PM

HTTP Cache Poisoning Advisory

Summary On January 14, 2020, CERT CC published an advisory warning of the potential use of Content Delivery Networks (CDNs) to cache malicious traffic. Akamai acknowledges this issue and has been aware of similar research in the past. This advisory highlights a reflected XSS vulnerability in origin web applications that exists whether or not a CDN is involved, exacerbated by having responses cached. Site operators should be aware that HTTP

Samuel Erb

Samuel Erb

December 20, 2019 9:00 AM

Do Not Trust User Input While Rendering PDFs

I recently had the opportunity to team up with three other security researchers (Brett Buerhaus, Cody Brocious (Daeken), Olivier Beg (Smiegles)) to examine the usage of PDF renders on the Internet.

Or Katz

Or Katz

December 17, 2019 9:00 AM

Access and Threat Insights: Thanksgiving

Overview Thanksgiving in the United States is considered by many to mark a good time of year to gain insight into enterprise access and threats. From an enterprise point of view, Thanksgiving is when many American users will be on vacation, but may still working from home, in some capacity. It's interesting to see users' access patterns as they pertain to enterprise applications, such as email or other SaaS platforms,

Larry Cashdollar

Larry Cashdollar

December 11, 2019 9:00 AM

Exploring Legacy Unix Security Issues

Sometimes after looking at web application security, IoT botnets, and various malware I long for the pre-2000 hacking days. Where, instead of looking for XSS or SQL injection vulnerabilities, you would be hunting for server-side vulnerabilities. This summer, I was gifted an SGI Indy R5000. I'd mentioned on Twitter a while back that I'd love to have an IRIX system in my lab, since this was the system I'd discovered

Amanda Fakhreddine

Amanda Fakhreddine

December 4, 2019 6:00 AM

2019: A Year In Review with State of the Internet/ S ...

December is typically a time where many people and businesses take a moment to reflect on everything that happened during the last 12 months. Everything - the good, the bad and the ugly.

Or Katz

Or Katz

November 20, 2019 9:00 AM

Out of Season IRS Phishing Campaigns

Over the past two months, Akamai's threat research team has been closely monitoring a phishing campaign that impersonates the official Internal Revenue Service (IRS) website, and is requesting sensitive information, email addresses, and passwords.

Larry Cashdollar

Larry Cashdollar

November 18, 2019 9:00 AM

Update to x86 XMR Crypto Mining Blog Post

Back in August, I wrote an article about XMR crypto mining software targeting x86/I686 systems. This is a follow-up to that original malware analysis. Previously, I discussed an attacker who, using known default login credentials, targets enterprise systems to mine the XMR cryptocurrency.

Akamai SIRT Alerts

Akamai SIRT Alerts

November 15, 2019 5:15 PM

Fake Cozy Bear Group Making DDoS Extortion Demands

A group calling themselves "Cozy Bear" has been emailing various companies with an extortion letter, demanding payment and threatening targeted DDoS attacks if their demands are not met.