Get In Touch
Overview Over a year ago, Akamai's threat research team published research regarding a widely-used phishing toolkit we referred to as the "Three Question Quiz". It's now time to review the evolution of the toolkit, the associated campaigns that we tracked in the wild, and the potential damage caused by those campaigns in the past year.
This blog post was six months in the making. Sometimes you make plans. Sometimes those plans get pushed to the side, torn up, and thrown into the wind. That's what happened with this issue of our report.
By: Larry Cashdollar Malware that can target Windows and Linux systems was recently installed on my honeypot. After some investigation, I determined it to be similar to the malware discovered in February of 2019 by Malwarebytes, and later examined by Fortinet in October that same year. Written in Golang, the malware is called Stealthworker. Once a system is successfully infected, the attackers will use it to probe other targets in
The internationalized domain name (IDN) homograph attack is used to form domain names that visually resemble legitimate domain names, albeit, using a different set of characters . For example, the IDN "xn--akmai-yqa.com" which appears in unicode as "akámai.com" visually resembles the legitimate domain name "akamai.com". Attackers often apply IDN homograph attacks to form domain names that are used for malicious purposes, such as malware distribution  or phishing , while
I remember sitting down to "crack the cover" of the very first Verizon Data Breach Investigation Report (DBIR) a lifetime ago. I was the security manager of a small hosting company and the report was the first time I'd ever seen a real, data driven effort to quantize breaches and the security problems we were facing daily. It was the first time we had real data, rather than theories, opinions
On April 29, 2020, the Salt management framework, authored by the IT automation company SaltStack, received a patch concerning two CVEs; CVE-2020-11651, an authentication bypass vulnerability, and CVE-2020-11652, a directory-traversal vulnerability.
Since COVID-19 isolation protocols started in the United States in early March, bad actors have had a lot of time on their hands and a large pool of victims to target. Thousands of people, millions across the globe, suddenly found themselves working from home and away from many of the enterprise-grade protections that governed their day-to-day workflow.
Introduction In our previous post, The Building Wave of Internet Traffic, we looked at the traffic patterns across Europe and the effect the COVID-19 pandemic has had. We examined traffic in Italy, Poland, and Spain, and demonstrated how we observed huge surges of traffic around the implementation of isolation protocols, which then reduced to more normal levels in the days after. Though, it's important to note this new level of
Researchers at Akamai have identified a new phishing campaign targeting users in Brazil who are worried about their finances during the COVID-19 epidemic. Over two weeks, we identified that the three-question quiz campaign successfully targeted more than 850,000 victims, scamming them out of personal information, and in some cases, convincing them to install Adware on their computer.