Akamai Diversity

Akamai Security Intelligence & Threat Research

Martin McKeay


January 12, 2021 9:00 AM

Why I Hate Security Predictions: Part 1

Security predictions have been a staple of news in the security industry for as long as I've been in this profession. I hate them. Every December and January, there's a spate of stories written about what the "experts" expect for the upcoming year. With rare exceptions, they fall into one of three categories: more of the same, growth in a specific attack type, or "the year of". Some of

Larry Cashdollar


January 6, 2021 9:00 AM

What happens when your vulnerability is weaponized f ...

An examination of exploits used by the KashmirBlack botnet

Not too long ago, I read a couple of excellent articles by Sarit Yerushalmi and Ofir Shaty on their research of the KashmirBlack botnet, which are published here and here. Their articles described the KashmirBlack botnet infecting sites via various exploitable WordPress plugins. One of the things I noticed is that the botnet used some of my own vulnerability disclosures, so

Steve Ragan


December 22, 2020 11:15 AM

What A Year: A Discussion

This year has been a strange one. For the final podcast of 2020, Martin and Steve look back on everything that happened this year, and offer some thoughts and advice for 2021. Thanks for listening! We'll see you soon.

Yael Daihes


December 18, 2020 9:00 AM

Tackling DGA based malware detection in DNS traffic

Earlier this year, Akamai's Enterprise team tackled the problem of DGA detection in the wild by using Neural Networks, essentially creating a state-of-the-art solution for near online detection of DGA communication.

Steve Ragan


December 10, 2020 9:12 AM

A Discussion With CSO Andy Ellis

In this week's podcast, Steve and Andy talk about his recent Reddit AMA, and the best food to have on hand for a security incident. The topic is an off-shoot of the best wine pairing question from the AMA, and Andy adds to that answer with the story behind his choice of wine (1976 Chateau Gloria, Saint-Julien) for an internet meltdown. https://www.reddit.com/r/netsec/comments/jp73qv/i_am_the_chief_security_officer_at_akamai_and_i/

Guest Blogger


December 9, 2020 5:00 PM

Evading Link Scanning Security Services with Passive ...

By Gal Bitensky. Executive Summary: Link scanners are a critical component in multiple classes of security products including email security suites, websites that suggest direct inspection of a suspicious link, and others. Behind the scenes, these services use web clients to fetch the contents of a link. This is, by definition, a bot, what we often nickname "a good bot." This research discusses scenarios where threat actors apply classic tactics

Amanda Fakhreddine


December 9, 2020 6:00 AM

State of The Internet Security 2020 Year In Review

What a year it's been. Just as the ink started to dry on those first pages of 2020, we opened up our first report with this: "As we look forward to the year ahead, the staff that produces the State of the Internet / Security report really only has one resolution -- evolve. It's an interesting mandate, because we're not the only ones evolving. Criminals have started to evolve,

Or Katz


December 8, 2020 9:00 AM

Phishing Summary 2020 - Trends and Highlights

2020 was a challenging year for many of us, as the COVID-19 pandemic disrupted life and introduced challenges in almost all elements of living. 2020 was also challenging from a cybersecurity point of view, as nearly the entire workforce moved to remote working and enterprise boundaries were never so vague, which introduced complexities on that end. As this year comes to an end, it's time to look back and highlight

Larry Cashdollar


November 20, 2020 9:00 AM

WordPress Malware Setting Up SEO Shops

While recently looking over my honeypots, I discovered an infection where a malicious actor added a storefront on top of my existing WordPress installation. For background, this particular honeypot is a full instance of WordPress running on a Docker image. The administrator credentials are intentionally weak, in order to give those with malicious intent easy access. This way I can examine what attacks the vulnerable site will undergo and what