Get In Touch
On July 2, 2021, Kaseya disclosed an active attack against customers using its VSA product, and urged all on-premise customers to switch-off Kaseya VSA. Shortly before this alert, users on Reddit started describing ransomware incidents against managed security providers (MSPs), and the common thread among them was on-premise VSA deployments. In the hours to follow, several indicators of compromise (IOCs) were released, and Akamai was able to observe some of
Welcome to the second edition of SOTI Research. In this edition, we look at the attacks and trends in the gaming industry during 2020. SOTI Research is a condensed, shorter version of our traditional State of the Internet / Security reports, offering focused data points and contextual awareness across a number of threat landscapes.
This is a write up of a NorthSec 2021 CTF problem I solved with Allan Wirth (@Allan_Wirth) as part of team SaaS which finished in 3rd. It was an extremely creative problem to solve so I wanted to share it here. Notes: The strange name and prompt are medieval themed, as was the rest of the CTF. The .ctf links below will not work as the CTF was run on
By: Aleksandra Blaszczyk Introduction When you hear the word "malware", the first thing that might come to your mind is a PC or laptop. You think about some weird advertising pop-ups or unrecognized processes running in the background. We tend to forget that our mobile device is also a small computer. This small computer is mostly used to text friends, check news, or even watch funny cat videos; and yet,
While examining my honeypot logs and digging through the newly downloaded binaries last week, I noticed a large compressed file. I figured it would be a crypto miner, typically a tar archive and gzip (normally erroneously) compressed. I moved the archive over to my test lab and started examining the contents.
It's that time again -- the launch of the second State of the Internet / Security report of 2021. While Akamai has access to some of the largest security data sets in the world, our viewpoint is limited to the traffic that traverses our networks and is seen by our tools.
Introduction By the time you read this post, the 2021 Verizon Data Breach Investigation Report (DBIR) will be published. Akamai has been one of the many partners contributing data to this report for more than half a decade. We greatly value the time, effort, and dedicated data science that goes into providing this level of research to the security community. On a personal level, my excitement about this report may
Tax scams are some of the oldest scams in a criminal's book, and they're highly attractive to criminals for many reasons. The most obvious reason is the potential financial gain of a successful scam. Successful scams can lead to the compromise of sensitive information, resulting in identity theft or fraudulent activity.
Criminals love tax season. The stress and urgency surrounding this time of year makes the victim pool highly vulnerable to various types of schemes. In addition to phishing, tax season is also the time of year when criminals focus their efforts towards other types of attacks including Local File Inclusion (LFI), SQL Injection (SQLi), and credential stuffing.