Akamai Diversity

Akamai Security Intelligence & Threat Research

Larry Cashdollar

Larry Cashdollar

August 3, 2018 10:06 AM

Defcon Expectations and Hopes

I recently attended Thotcon in Chicago, where I saw a presentation by Avishay Zawoznik called, "V!4GR4 BotNet: Cyber-Crime, Enlarged". It describes the processes, by a black hat, that used SQL injection to inject Viagra spam into vulnerable websites. The main takeaway was that the speaker talked about how compromised wordpress websites were used as webshells to operate the spam campaign from. I originally was under the assumption that websites were

Lydia LaSeur

Lydia LaSeur

July 23, 2018 9:00 AM

Geographic Normalization of Web Attack Data

Purpose of normalization Data without context is arguably useless. If some variable of interest has a strong and inherent relationship with another, little understanding of the system can be gained if that relationship isn't considered. This consideration is just as integral to data visualization as it is to analysis. The purpose of any good visualization is to create a useful and insightful perspective of the data that quickly provides the

Akamai InfoSec

Akamai InfoSec

July 6, 2018 11:29 AM

DrupalGangster: An old threat actor trying to cash-i ...

Written by the Akamai Threat Research Team Akamai Threat Research has observed an increase in attacks attempting to exploit a recent Drupal vulnerability (CVE-2018-7600). Much like recent vulnerabilities in Apache Struts, attackers have attempted to use this exploit for remote command injection attacks and to harness the power of the botnet to join a herd of coin-miners for profit. While the attacker did not use a large number of machines

Akamai InfoSec

Akamai InfoSec

June 27, 2018 7:15 AM

WHAT YOU NEED TO KNOW - SUMMER 2018 STATE OF THE INT ...

It's that time of year - the Summer 2018 State of the Internet / Security: Web Attack report is now live. This new naming schema is just one of the many changes you'll notice if you're a returning reader of quarterly report, and there are more changes coming as we work to bring you insights and intelligence from our data in as useful and timely a way as possible. The

Martin McKeay

Martin McKeay

June 21, 2018 6:30 AM

Summer SOTI - Web Attacks

Continuing Changes Welcome to the second blog post for the Summer 2018 State of the Internet / Security. If you've read the SOTI / Security report before, much of what you see here should be familiar, though the time frame we're looking at is the six months from November 2017 to April 2018, instead of the last quarter. The numbers are bigger and give us a better idea of the

Akamai SIRT Alerts

Akamai SIRT Alerts

June 19, 2018 6:52 AM

Anonymous #OpIcarus2018

Written by Lisa Beegle OVERVIEW Operation #OpIcarus2018 has been announced and it encompasses several on-going campaigns, including #OpPayBack, #OpIcarus, #DeleteTheElite, and #SosNicaragua. The attack campaign(s) are being driven by actors using Anonymous iconography and ideological motives. These malicious actors have stated their intent to attack various banking institutions between June 21 through 28 2018. Targeted enterprises need to be on heightened alert leading up to these dates, as there are

Martin McKeay

Martin McKeay

June 19, 2018 6:30 AM

Summer SOTI - DDoS by the numbers

Time for a Change The State of the Internet / Security report has been the home for Akamai's research on DDoS, attack traffic and Internet threats for over three years. While the report has evolved and expanded its scope considerably over that time, the content and how it's presented have only seen moderate changes. But as of the Summer 2018 Web Attack report, you'll see significant changes in how we

Amanda Fakhreddine

Amanda Fakhreddine

June 12, 2018 8:33 AM

State of the Internet Summer 2018 Attack Spotlight: ...

Earlier this year, Akamai mitigated the largest DDoS attack in its history, fueled by a new reflector, memcached. The attack targeted one of our software clients and broke through the 1 Tbps threshold for the first time. Memcached was developed to act as a distributed memory caching system. Since the protocol uses UDP, an insecure protocol, and carries the potential for tremendous amplification, it has the key traits of a

Thanh Nguyen

Thanh Nguyen

May 2, 2018 5:28 AM

Domain Reputation System: building a large graph to ...

Why do we need a Knowledge Base system Let me start with an obvious statement: the Internet generates a lot of data. Every day we, Akamai's security research teams, see billions of DNS queries, millions of domains, and who knows how many IP addresses. This is an exciting thing, especially if you're a data scientist. In the past year, we have taken on a "simple task": to map the "dark