Akamai Security Intelligence & Threat ResearchSubscribe
The Dark Side of APIs, Part 2
Ryan Barnett, Principal Security Researcher, Akamai Elad Shuster, Senior Security Researcher, Akamai During its research into Credential Abuse attack campaigns, Akamai's threat research team conducted an analysis of web logins to gain insights into how widespread the adoption of API-based logins is and whether or not this trend also affects attackers and attack campaigns. It will come as no surprise that API-based logins are highly targeted by credential abuse attackers
Universal Plug and Play (UPnP): What you need to kn ...
Universal Plug and Play (UPnP) is a widely used protocol with a decade-long history of flawed implementations across a wide range of consumer devices. In this paper, we will cover how these aws are still present on devices, how these vulnerabilities are actively being abused, and how a feature/vulnerability set that seems to be mostly forgotten could lead to continued problems in the future with DDoS, account takeover, and malware
The Dark Side of APIs: Part 1, API Overview
Ryan Barnett, Principal Security Researcher, Akamai Elad Shuster, Senior Security Researcher, Akamai API Overview Application Programming Interfaces (API) are a software design approach which enables software and system developers to integrate with other systems based on a defined set of communication methods. APIs serve as software building blocks and allow for software reuse - essentially allowing fast development of new systems based on existing capabilities.
What You Need To Know: "SNIPR" Credential Stuffing T ...
Overview Credential abuse (CA) is a trend that is here to stay. It affects almost every one of us. There are attackers trying to break into every online account and the vast majority of these attacks are happening silently in the background. In the past, credential abuse tools were written and distributed in closed forums and among air-gapped societies. Now, they are widely available; there is a highly active market
memcached, now with extortion!
Over the past week, memcached reflection attacks have taken the DDoS scene by storm. With several attacks hitting organizations across many industries, including a record breaking 1.3Tbps attack against an Akamai customer. Akamai has observed a new trend in extortion attempts using memcached payloads to deliver the message.
Memcached-fueled 1.3 Tbps attacks
At 17:28 GMT, February 28th, Akamai experienced a 1.3 Tbps DDoS attack against one of our customers, a software development company, driven by memcached reflection. This attack was the largest attack seen to date by Akamai, more than twice the size of the September, 2016 attacks that announced the Mirai botnet and possibly the largest DDoS attack publicly disclosed. Because of memcached reflection capabilities, it is highly likely that this
Memcached UDP Reflection Attacks
Akamai is aware of a new DDoS reflection attack vector: UDP-based memcached traffic. Memcached is a tool meant to cache data and reduce strain on heavier data stores, like disk or databases. The protocol allows the server to be queried for information about key value stores and is only intended to be used on systems that are not exposed to the Internet. There is no authentication required with memcached. When
Wordpress DoS Attack: CVE-2018-6389
Overview On February 5, an Israeli security researcher, Barak Tawily, discovered a Denial of Service (DoS) attack impacting all 3.x-4.x versions of the Wordpress content management platform. The vulnerability is currently unpatched and relies on a performance boosting feature in Wordpress allowing Javascript and style sheets to be loaded in bulk via a single request. The attack does not affect the Akamai platform, but it does affect any customers using
Humans, Machines and Data: Fighting Mirai, Together
By Yohai Einav, Hongliang Liu Background It's been 18 months since Mirai entered our lives, and, unfortunately, we expect it to have a perennial presence in our cyber-world for years to come. If we look at the big picture, all indicators suggest that the Mirai problem (and its descendants) is just going to increase, with the growing number of IoT devices in the world and the improvement in IoT hardware