By Samuel Erb & Phil Bertuglia
At Akamai, the Enterprise Security Red Team (ESRT) continuously strives to evaluate the security of both our external and internal services. We examine the services we build and purchase for security vulnerabilities that could negatively impact our business and our customers. During a scheduled sortie, the ESRT investigated how to pivot access from a local package management system used to
Executive Summary
Recent attacks against Akamai customers have leveraged a networking protocol known as protocol 33, or Datagram Congestion Control Protocol (DCCP). These attacks prompted the Akamai SIRT team to look into the protocol further and offer insights and mitigation strategies for network defenders.
There are many crypto mining malware variants infecting systems on the internet. On Friday, March 4, 2021, I noticed an interesting hit in my honeypot logs. The binary it captured stood out, as it was rather large at 4 MB. I immediately thought it would be a crypto miner written in the Go language. I was correct. This one, however, has some newer exploits it's using for proliferation.
Last year, the SOTI team pledged to evolve. We had no idea that the evolution before us would require such dramatic changes to how we both live and work. In truth, 2020 was a roller coaster with dramatic ups and downs, encompassing stress, fear, and uncertainty. Even as 2021 unfolds, COVID-19 is still impacting our day-to-day lives at work and at home.
By Kristin Nelson-Patel
Previously, I introduced the field of sensor systems architecture and posed a real-world example scenario of the unnecessary resource costs and hazards that can happen when the deployment of sensors isn't carefully thought out.
By Kristin Nelson-Patel
In the constant press of rolling out ever better products and services to our customers, it can be easy, and often necessary, to fall into a reactive mode around reliability. When our systems break, we have an incident process that pulls people together to figure out the problem and fix it as quickly as possible. That process works well and is necessary and important for particularly complex
By Fadi Saba
A colleague asked me to share my thoughts on building a "better team". I confess, I stumbled on the word "better". Better than what exactly? Sure, in the essence of kaizen (a Japanese term encapsulating the idea of continuous improvement), a team can always be better. But I find it more valuable to think about a team as being "effective".
Having previously decided we need to make a new hire onto our team, part 1 of this series examined how to meet the needs of our team going into the future, instead of just adding surface-visible technical skills. In part 2, we designed and built an interviewing sensor platform to identify the best candidates from our pool for our needs. In this final piece, we're looking at a particular
Additional research and reporting provided by: Chad Seaman
Executive Summary
A recent piece of malware from a known crypto mining botnet campaign has started leveraging Bitcoin blockchain transactions in order to hide its backup C2 IP address. It's a simple, yet effective, way to defeat takedown attempts. Recent infection attempts against Akamai SIRT's custom honeypots uncovered an interesting means of obfuscating command and control (C2) infrastructure information. The operators of