Get In Touch
August 2019 Archives
I have been playing close attention to Internet of Things (IoT) malware targeting systems with Telnet enabled, while also collecting samples targeting systems with SSH enabled on port 22. I've collected over 650 samples landing in my honeypot within the last week. The earliest sample showed up on July 24th at 20:06. The honeypot allows logins using known default login credentials for root.
On Tuesday, August 13th at 10 AM Pacific Time (1700UTC), Netflix publicly disclosed a series of vulnerabilities found by Jonathan Looney that impact many implementations of the HTTP2 protocol. A vulnerability found by Piotr Sikora of Google was also released at the same time. Akamai is grateful to the reporters for their work and pre-release coordination.
As phishing websites become more advanced, by using rich functionality and customized workflows, evidence indicates that web analytics plugins are being commonly used in phishing kits. This enables threat actors to have stronger visibility into victim profiles and their behavior once they have landed on the scam website. This, in turn, can lead to future optimizations of the phishing kit and scam's distribution.