Akamai
Security Intelligence
& Threat Research
Subscribe
Why I Hate Security Predictions: Part 1
Security predictions have been a staple of news in the security industry for as long as I've been in this profession. I hate them. Every December and January, there's a spate of stories written about what the "experts" expect for the upcoming year. With rare exceptions, they fall into one of three categories: more of the same, growth in a specific attack type, or "the year of" . Some of
What happens when your vulnerability is weaponized f ...
An examination of exploits used by the KashmirBlack botnet Not too long ago, I read a couple of excellent articles by Sarit Yerushalmi and Ofir Shaty on their research of the KhasmirBlack botnet, which are published here and here. Their articles described the KashmirBlack botnet infecting sites via various exploitable WordPress plugins. One of the things I noticed is that the botnet used some of my own vulnerability disclosures, so
What A Year: A Discussion
This year has been a strange one. For the final podcast of 2020, Martin and Steve look back on everything that happened this year, and offer some thoughts and advice for 2021. Thanks for listening! We'll see you soon.
Tackling DGA based malware detection in DNS traffic
Earlier this year, Akamai's Enterprise team tackled the problem of DGA detection in the wild by using Neural Networks, essentially creating a state-of-the-art solution for near online detection of DGA communication.
A Discussion With CSO Andy Ellis
In this week's podcast, Steve and Andy talk about his recent Reddit AMA, and the best food to have on hand for a security incident. The topic is an off-shoot of the best wine pairing question from the AMA, and Andy adds to that answer with the story behind his choice of wine (1976 Chateau Gloria, Saint-Julien) for an internet meltdown. https://www.reddit.com/r/netsec/comments/jp73qv/i_am_the_chief_security_officer_at_akamai_and_i/
Evading Link Scanning Security Services with Passive ...
By Gal Bitensky, Executive Summary Link scanners are a critical component in multiple classes of security products including email security suites, websites that suggest direct inspection of a suspicious link, and others. Behind the scenes, these services use web clients to fetch the contents of a link. This is, by definition, a bot, what we often nickname "a good bot." This research discusses scenarios where threat actors apply classic tactics
State of The Internet Security 2020 Year In Review
What a year it's been. . Just as the ink started to dry on those first pages of 2020, we opened up our first report with this: "As we look forward to the year ahead, the staff that produces the State of the Internet / Security report really only has one resolution -- evolve. It's an interesting mandate, because we're not the only ones evolving. Criminals have started to evolve,
Phishing Summary 2020 - Trends and Highlights
2020 was a challenging year for many of us, as the COVID-19 pandemic disrupted life and introduced challenges in almost all elements of living. 2020 was also challenging from a cybersecurity point of view, as nearly the entire workforce moved to remote working and enterprise boundaries were never so vague, which introduced complexities on that end. As this year comes to an end, it's time to look back and highlight
WordPress Malware Setting Up SEO Shops
While recently looking over my honeypots, I discovered an infection where a malicious actor added a storefront on top of my existing WordPress installation. For background, this particular honeypot is a full instance of WordPress running on a Docker image. The administrator credentials are intentionally weak, in order to give those with malicious intent easy access. This way I can examine what attacks the vulnerable site will undergo and what