Akamai Diversity

Akamai Security Intelligence & Threat Research

Amanda Fakhreddine

September 23, 2020 5:00 AM

State of the Internet/ Security: You Can't Solo Secu ...

We all know that security touches virtually every vertical and impacts our daily lives. But the topic of games, and the gaming industry, is near and dear to the SOTI team's hearts. Many on our team are gamers, and this year, the gaming world has been more than just a place to pass time and build worlds - it's been a way to keep the feeling of community alive.

Akamai SIRT Alerts

August 17, 2020 3:54 PM

Ransom Demands Return: New DDoS Extortion Threats Fr ...

Update 08/24/2020: As mentioned below, the Akamai SIRT has been tracking attacks from the so-called Armada Collective and Fancy Bear actors, who are sending ransom letters to various industry verticals such as finance, travel, and e-commerce. In addition to the information in our previous advisory, we can confirm that we're now seeing attacks peak at almost 200 Gb/sec, utilizing ARMS, DNS Flood, GRE Protocol Flood, SNMP Flood, SYN Flood, and

Or Katz

July 30, 2020 8:00 AM

Question Quiz - The Forgotten Scam

Overview: Over a year ago, Akamai's threat research team published research regarding a widely-used phishing toolkit we referred to as the "Three Question Quiz". It's now time to review the evolution of the toolkit, the associated campaigns that we tracked in the wild, and the potential damage caused by those campaigns in the past year.

Amanda Fakhreddine

July 15, 2020 5:30 AM

State of the Internet / Security: Special Media Edit ...

This blog post was six months in the making. Sometimes you make plans. Sometimes those plans get pushed to the side, torn up, and thrown into the wind. That's what happened with this issue of our report.

Threat Research Team

June 4, 2020 9:00 AM

Stealthworker: Golang-based brute force malware stil ...

By: Larry Cashdollar

Malware that can target Windows and Linux systems was recently installed on my honeypot. After some investigation, I determined it to be similar to the malware discovered in February of 2019 by Malwarebytes, and later examined by Fortinet in October that same year. Written in Golang, the malware is called Stealthworker. Once a system is successfully infected, the attackers will use it to probe other targets in

Asaf Nadler

May 27, 2020 8:00 AM

Watch Your Step: The Prevalence of IDN Homograph Att ...

The internationalized domain name (IDN) homograph attack is used to form domain names that visually resemble legitimate domain names, albeit using a different set of characters [1]. For example, the IDN "xn--akmai-yqa.com", which appears in Unicode as "akámai.com", visually resembles the legitimate domain name "akamai.com". Attackers often apply IDN homograph attacks to form domain names that are used for malicious purposes, such as malware distribution [2] or phishing [3], while

Martin McKeay

May 19, 2020 7:02 AM

Contributing to the Verizon Data Breach Investigatio ...

I remember sitting down to "crack the cover" of the very first Verizon Data Breach Investigation Report (DBIR) a lifetime ago. I was the security manager of a small hosting company and the report was the first time I'd ever seen a real, data-driven effort to quantize breaches and the security problems we were facing daily. It was the first time we had real data, rather than theories, opinions

Larry Cashdollar

May 5, 2020 9:05 AM

SaltStack Vulnerabilities Actively Exploited in the ...

On April 29, 2020, the Salt management framework, authored by the IT automation company SaltStack, received a patch concerning two CVEs: CVE-2020-11651, an authentication bypass vulnerability, and CVE-2020-11652, a directory-traversal vulnerability.

Steve Ragan

May 5, 2020 8:00 AM

Credential Stuffing Attacks During the COVID-19 Pand ...

Since COVID-19 isolation protocols started in the United States in early March, bad actors have had a lot of time on their hands and a large pool of victims to target. Thousands of people, millions across the globe, suddenly found themselves working from home and away from many of the enterprise-grade protections that governed their day-to-day workflow.