Akamai
Security Intelligence
& Threat Research
Subscribe
Recently by Or Katz
Phishing Factories and Economies
Every day Akamai sees thousands of new phishing pages. Over the last few months one kit, and the pattern it represents, has stood out to our researchers. In today's post, we're going to explore this kit, how it came to be, and what its existence means to the public. Since December, Akamai has tracked the development and deployment of different phishing kits. Some of them are using an almost factory-like
Disturbingly Easy Phishing Attack Development
While speaking to a colleague of mine regarding recent work on Akamai's Enterprise Threat Protector (ETP) Research Team, related to phishing detection and mitigation, we discussed a recent phishing campaign targeting Microsoft users that leveraged free HTML hosting services and how easy it has become to build and deliver phishing website.
Quiz Phishing: One Scam, 78 Variations
Overview Over the past year, Akamai Enterprise Threat Research team monitored the usage of one particular phishing toolkit in the wild. We previously wrote about this phishing toolkit as "Three Questions Quiz". The "Quiz" toolkit is not new to the threat landscape, as its been used in many phishing campaigns in recent years. Our goal here is to present new insights on the evolution and scale of usage of the
Gone Phishing For The Holidays
Written by Or Katz and Amiram Cohen Overview: While our team, Akamai's Enterprise Threat Protector Security Research Team, monitored internet traffic throughout the 2017 holiday season, we spotted a wide-spread phishing campaign targeting users through an advertising tactic. During the six week timeframe, we tracked thirty different domains with the same prefix: "holidaybonus{.}com". Each one advertised the opportunity to win an expensive technology prize - a free iPhone 8, PlayStation
Fast Flux Botnet: Research Results
Just like that, another Akamai Edge has come and gone. If you were able to join us this year, I hope you had a chance to stop by my presentation on Threat Intelligence Insights: An In-Depth Analysis of a Fast Flux Botnet.
Consuming Cyber-security: The Beginning of a New Era
Overview Can you imagine anyone buying a car without airbags and without seat belts? I bet you can't! So why is it that we buy computers without Antivirus software already installed, home routers without a firewall already installed or connected devices (IoT) that are lacking proper security controls?
Improving Credential Abuse Threat Mitigation
Have you ever tried to login to your favorite website and mistakenly typed the wrong user name and password once, or even twice? I bet you have. And what about submitting a third consecutive false attempt? In most cases, at that point a secure website will start questioning the integrity of your actions. From a defense point of view, websites should suspend and limit false login attempts to confirm authenticity
The Year of Attacking "Things"
Yearly Review 2016 was an exciting year; a year in which hazards related to the Intent of Things (IoT) became trendy small talk in many living rooms around the world. For us, the members of the InfoSec community, it was the year when the security risks of IoT devices evolved from being theoretical to becoming a practical problem to us all. It was the year in which we all realized