Akamai Diversity

Akamai Security Intelligence
& Threat Research

October 2019 Archives

Amanda Fakhreddine

Amanda Fakhreddine

October 30, 2019 5:00 AM

State of the Internet Security: Phishing - Baiting t ...

This Halloween, the scariest thing you might encounter could be lurking on the device you're reading this on.

Larry Cashdollar

Larry Cashdollar

October 21, 2019 8:00 AM

A Cryptomining SSH Worm

Recently, I noticed an interesting cryptomining script in my honeypot. It had all the usual checks for CPU and architecture type before downloading a binary. It even had the usual kill any processes that might be other cryptominers. However, what caught my eye was a one-line shell script that searched through .ssh/known_hosts and .ssh/id_pub.pub keys, in an attempt to infect other systems that might share SSH keys with the infected

Larry Cashdollar

Larry Cashdollar

October 7, 2019 8:00 AM

Drupalgeddon2 still used in attack campaigns

While examining Akamai's network attack logs, I noticed an attack campaign leveraging Drupalgeddon2. Drupalgeddon2 is an unauthenticated remote code execution vulnerability (CVE-2018-7600) in the Drupal CMS platform that was patched in March 2018.