Akamai Security Intelligence and Threat Research Blog

Martin McKeay

June 21, 2018 6:30 AM

Summer SOTI - Web Attacks

Continuing Changes Welcome to the second blog post for the Summer 2018 State of the Internet / Security. If you've read the SOTI / Security report before, much of what you see here should be familiar, though the time frame we're looking at is the six months from November 2017 to April 2018, instead of the last quarter. The numbers are bigger and give us a better idea of the

Akamai SIRT Alerts

June 19, 2018 6:52 AM

Anonymous #OpIcarus2018

Written by Lisa Beegle OVERVIEW Operation #OpIcarus2018 has been announced and it encompasses several on-going campaigns, including #OpPayBack, #OpIcarus, #DeleteTheElite, and #SosNicaragua. The attack campaign(s) are being driven by actors using Anonymous iconography and ideological motives. These malicious actors have stated their intent to attack various banking institutions between June 21 through 28 2018. Targeted enterprises need to be on heightened alert leading up to these dates, as there are

Martin McKeay

June 19, 2018 6:30 AM

Summer SOTI - DDoS by the numbers

Time for a Change The State of the Internet / Security report has been the home for Akamai's research on DDoS, attack traffic and Internet threats for over three years. While the report has evolved and expanded its scope considerably over that time, the content and how it's presented have only seen moderate changes. But as of the Summer 2018 Web Attack report, you'll see significant changes in how we

Amanda Fakhreddine

June 12, 2018 8:33 AM

State of the Internet Summer 2018 Attack Spotlight: ...

Earlier this year, Akamai mitigated the largest DDoS attack in its history, fueled by a new reflector, memcached. The attack targeted one of our software clients and broke through the 1 Tbps threshold for the first time. Memcached was developed to act as a distributed memory caching system. Since the protocol uses UDP, an insecure protocol, and carries the potential for tremendous amplification, it has the key traits of a

Thanh Nguyen

May 2, 2018 5:28 AM

Domain Reputation System: building a large graph to ...

Why do we need a Knowledge Base system Let me start with an obvious statement: the Internet generates a lot of data. Every day we, Akamai's security research teams, see billions of DNS queries, millions of domains, and who knows how many IP addresses. This is an exciting thing, especially if you're a data scientist. In the past year, we have taken on a "simple task": to map the "dark

Ryan Barnett

April 13, 2018 2:35 AM

The Dark Side of APIs, Part 2

Ryan Barnett, Principal Security Researcher, Akamai Elad Shuster, Senior Security Researcher, Akamai During its research into Credential Abuse attack campaigns, Akamai's threat research team conducted an analysis of web logins to gain insights into how widespread the adoption of API-based logins is and whether or not this trend also affects attackers and attack campaigns. It will come as no surprise that API-based logins are highly targeted by credential abuse attackers

Akamai SIRT Alerts

April 9, 2018 10:30 AM

Universal Plug and Play (UPnP): What you need to kn ...

Universal Plug and Play (UPnP) is a widely used protocol with a decade-long history of flawed implementations across a wide range of consumer devices. In this paper, we will cover how these aws are still present on devices, how these vulnerabilities are actively being abused, and how a feature/vulnerability set that seems to be mostly forgotten could lead to continued problems in the future with DDoS, account takeover, and malware

Ryan Barnett

April 3, 2018 9:00 AM

The Dark Side of APIs: Part 1, API Overview

Ryan Barnett, Principal Security Researcher, Akamai Elad Shuster, Senior Security Researcher, Akamai API Overview Application Programming Interfaces (API) are a software design approach which enables software and system developers to integrate with other systems based on a defined set of communication methods. APIs serve as software building blocks and allow for software reuse - essentially allowing fast development of new systems based on existing capabilities.

Daniel Abeles

March 29, 2018 6:33 AM

What You Need To Know: "SNIPR" Credential Stuffing T ...

Overview Credential abuse (CA) is a trend that is here to stay. It affects almost every one of us. There are attackers trying to break into every online account and the vast majority of these attacks are happening silently in the background. In the past, credential abuse tools were written and distributed in closed forums and among air-gapped societies. Now, they are widely available; there is a highly active market

OVERVIEW

What We Do

INTELLIGENT EDGE PLATFORM

The Competitive Edge

THREAT RESEARCH

Cybersecurity Insights from the Experts

FREE TRIALS

Try Us Free

FEATURED

What's new with the Akamai Intelligent Edge Platform™

SECURITY

Security Solutions

WEB PERFORMANCE

Web Performance Solutions

MEDIA DELIVERY

Media Delivery Solutions

NETWORK OPERATOR

Network Operator Solutions

SERVICES

Services

DEVELOPERS

Akamai for DevOps

FEATURED

Security Solutions

CASE STUDIES

Customer Case Studies

INSIGHTS

Internet Observatory

REPORT

State of the Internet Report

DOCUMENT LIBRARY

Our Library

CDN LEARNING CENTER

About Content Delivery Networks (CDNs)

GLOSSARY

Cloud Computing Glossary

DOCUMENTATION

Technical Documentation

FOR DEVELOPERS

For Developers

COMMUNITY

Community

FEATURED

Our Library

GET IN TOUCH

Global Support Phone Numbers

SUPPORT

Support Resources

UNDER ATTACK

Are You Under Attack?

UNDER ATTACK

Are You Under Attack?

LOCATIONS

Our Offices

CONTACT

Get in touch