Akamai Diversity

Akamai Security Intelligence
& Threat Research

Steve Ragan

Steve Ragan

November 19, 2020 9:00 AM

A Discussion: Kristin Nelson-Patel's path to InfoSec ...

Martin and Steve talk with Kristin Nelson-Patel, the Lead Architect on Akamai's Sensors Team, about her path into InfoSec, impostor syndrome, and what her job entails. This episode is a continuation of the theme started in October, and earlier this month, where others shared their experiences.

Steve Ragan

Steve Ragan

November 11, 2020 9:00 AM

Akamai's Affinity Conference: A Discussion

In this week's episode, Steve is joined by Ela Wolny, Joanna Gamracy, Robert Pajak, Or Katz, and Larry Cashdollar to talk about Akamai's Affinity conference. Larry and Or discuss their presentations, while Ela, Joanna, and Robert introduce Steve to Affinity and its history. The Akamai Affinity conference is an annual conference created by IT professionals, for IT professionals. Over three days, Affinity offers participants an opportunity to experience not only

Steve Ragan

Steve Ragan

November 6, 2020 9:00 AM

A Discussion: Imposter Syndrome & Paths To InfoSec ...

Steve Ragan and Chad Seaman, senior researcher for Akamai's SIRT, discuss their paths into InfoSec, impostor syndrome, and the magic that was Encarta '95. This episode is part of a longer series on impostor syndrome, and the unique paths many of us in Akamai's InfoSec team have taken in security.

Or Katz

Or Katz

October 30, 2020 5:00 AM

Phishing JavaScript Obfuscation Techniques Soars

In our previous blogs, first where we explained JavaScript Obfuscation techniques and introduced a detailed overview on how JavaScript is being used to obfuscate page content to make phishing attacks and other web scams as evasive as possible; followed by one where we took a deep dive to examine double JavaScript obfuscation techniques, presenting a tale of an obfuscated scam seen in the wild and showing how the same phishing

Steve Ragan

Steve Ragan

October 29, 2020 9:00 AM

A Discussion: Imposter Syndrome & Paths Into InfoSec

In this week's episode, Martin and Steve talk about imposter syndrome and various paths into InfoSec, as well as how they got their careers started. Everyone's path is unique, and this episode explores that aspect with some recent examples including interviews published by SC Magazine with Lesley Carhart, and Wired who spoke with Maddie Stone - two exceptional examples of security professionals working in the field today.

Guest Blogger

Guest Blogger

October 29, 2020 8:00 AM

Exploring the IoT Afterlife

By, Eric Kobrin Not only is October National Cyber Security Awareness Month (NCSAM), but it also contains one of my favorite holidays: Halloween. In the spirit of NCSAM and Halloween, let's talk about Internet of Things (IoT) devices wreaking havoc from beyond the grave.

Or Katz

Or Katz

October 28, 2020 5:00 AM

The Tale of Double JavaScript Obfuscated Scam

Overview The phishing landscape is constantly evolving. Over the years, it has evolved into a more scalable threat, with an overwhelming amount of campaigns being launched daily. Phishing also changed when criminals started adding more capabilities and features to their toolkits, which make the phishing websites long lived and difficult to detect.

Evyatar Saias

Evyatar Saias

October 27, 2020 7:31 AM

Tales From The Pot: Solr powered Kinsing

Additional research and support provided by Chad Seaman. Introduction Akamai SIRT has been working on the development, and deployment, of custom multipurpose honeypots that attempt to mimic a wide array of services and devices. One of these honeypots shows the inner workings of an active exploitation campaign targeting Apache Solr (Solr). The campaign had a noticeable effect on targeting and exploitation attempts for two CVEs impacting Solr servers. This post

Or Katz

Or Katz

October 26, 2020 5:00 AM

Catch Me if You Can - JavaScript Obfuscation

While conducting threat research on phishing evasion techniques, Akamai came across threat actors using obfuscation and encryption, making the malicious page harder to detect. The criminals were using JavaScript to pull this off.