Akamai Diversity

Akamai Security Intelligence
& Threat Research

Steve Ragan

Steve Ragan

December 10, 2020 9:12 AM

A Discussion With CSO Andy Ellis

In this week's podcast, Steve and Andy talk about his recent Reddit AMA, and the best food to have on hand for a security incident. The topic is an off-shoot of the best wine pairing question from the AMA, and Andy adds to that answer with the story behind his choice of wine (1976 Chateau Gloria, Saint-Julien) for an internet meltdown. https://www.reddit.com/r/netsec/comments/jp73qv/i_am_the_chief_security_officer_at_akamai_and_i/

Guest Blogger

Guest Blogger

December 9, 2020 5:00 PM

Evading Link Scanning Security Services with Passive ...

By Gal Bitensky, Executive Summary Link scanners are a critical component in multiple classes of security products including email security suites, websites that suggest direct inspection of a suspicious link, and others. Behind the scenes, these services use web clients to fetch the contents of a link. This is, by definition, a bot, what we often nickname "a good bot." This research discusses scenarios where threat actors apply classic tactics

Amanda Fakhreddine

Amanda Fakhreddine

December 9, 2020 6:00 AM

State of The Internet Security 2020 Year In Review

What a year it's been. . Just as the ink started to dry on those first pages of 2020, we opened up our first report with this: "As we look forward to the year ahead, the staff that produces the State of the Internet / Security report really only has one resolution -- evolve. It's an interesting mandate, because we're not the only ones evolving. Criminals have started to evolve,

Or Katz

Or Katz

December 8, 2020 9:00 AM

Phishing Summary 2020 - Trends and Highlights

2020 was a challenging year for many of us, as the COVID-19 pandemic disrupted life and introduced challenges in almost all elements of living. 2020 was also challenging from a cybersecurity point of view, as nearly the entire workforce moved to remote working and enterprise boundaries were never so vague, which introduced complexities on that end. As this year comes to an end, it's time to look back and highlight

Larry Cashdollar

Larry Cashdollar

November 20, 2020 9:00 AM

WordPress Malware Setting Up SEO Shops

While recently looking over my honeypots, I discovered an infection where a malicious actor added a storefront on top of my existing WordPress installation. For background, this particular honeypot is a full instance of WordPress running on a Docker image. The administrator credentials are intentionally weak, in order to give those with malicious intent easy access. This way I can examine what attacks the vulnerable site will undergo and what

Steve Ragan

Steve Ragan

November 19, 2020 9:00 AM

A Discussion: Kristin Nelson-Patel's path to InfoSec ...

Martin and Steve talk with Kristin Nelson-Patel, the Lead Architect on Akamai's Sensors Team, about her path into InfoSec, impostor syndrome, and what her job entails. This episode is a continuation of the theme started in October, and earlier this month, where others shared their experiences.

Steve Ragan

Steve Ragan

November 11, 2020 9:00 AM

Akamai's Affinity Conference: A Discussion

In this week's episode, Steve is joined by Ela Wolny, Joanna Gamracy, Robert Pajak, Or Katz, and Larry Cashdollar to talk about Akamai's Affinity conference. Larry and Or discuss their presentations, while Ela, Joanna, and Robert introduce Steve to Affinity and its history. The Akamai Affinity conference is an annual conference created by IT professionals, for IT professionals. Over three days, Affinity offers participants an opportunity to experience not only

Steve Ragan

Steve Ragan

November 6, 2020 9:00 AM

A Discussion: Imposter Syndrome & Paths To InfoSec ...

Steve Ragan and Chad Seaman, senior researcher for Akamai's SIRT, discuss their paths into InfoSec, impostor syndrome, and the magic that was Encarta '95. This episode is part of a longer series on impostor syndrome, and the unique paths many of us in Akamai's InfoSec team have taken in security.

Or Katz

Or Katz

October 30, 2020 5:00 AM

Phishing JavaScript Obfuscation Techniques Soars

In our previous blogs, first where we explained JavaScript Obfuscation techniques and introduced a detailed overview on how JavaScript is being used to obfuscate page content to make phishing attacks and other web scams as evasive as possible; followed by one where we took a deep dive to examine double JavaScript obfuscation techniques, presenting a tale of an obfuscated scam seen in the wild and showing how the same phishing