Akamai Security Intelligence & Threat ResearchSubscribe
Having The Security Rug Pulled Out From Under You
I attended the Messaging, Malware and Mobile Anti-Abuse Working Group (m3aawg.org) meeting in Brooklyn, NY. I expected better weather to wander around the city while enjoying the conference and the neighborhood's wide selection of food. I had been so confident of clear skies that I did not bring a rain jacket. It rained most of the week. This left me somewhat stranded in my hotel room with free Wifi service
An Examination of a Phishing Kit Dubbed Luis
There have been plenty of articles describing the structure of phishing emails, and how to spot them. However, less explored, are phishing websites - what they are, how they are used, and how users can protect themselves. We'll take a deep dive into a particular phishing website and the methods used in the author's attempt to avoid detection. While reading through my Twitter feed, I noticed a tweet from @WifiRumHam
Security Response Headers: What They Are, Why You Sh ...
Security response headers are a critical security capability that all organizations should consider. This blog post is the first in a series that will discuss different security headers and go in-depth with how to configure them for maximum benefit. For cyber criminals, attacking a web application directly is not the only option available. They also have the ability target other users of the system in order to steal their information,
Capturing the HackerOne Flag
by Daniel Abeles & Shay Shavit HackerOne is a bug bounty platform that allows hackers around the world to participate in bug bounty campaigns, initiated by HackerOne's customers. Recently, HackerOne announced they would be hosting a special live hacking event in Buenos Aires along side a week long security conference, Ekoparty 14. In order to participate the special event, you either have to be a top ranked hacker on their
State of the Internet Security - Credential Stuffing
Credential stuffing, and the botnets behind this activity, is the primary focus of the State of the Internet Security Report, Issue 4, 2018. Credential stuffing, the use of botnets to try to login to a site with stolen or randomly created login information, isn't a new phenomenon, but it is one that is having a growing impact, especially on financial services organizations. Our latest report takes a deeper look at
Root KSK Roll: Replacing the Root of Trust for the D ...
By Tim April -------- Update (Sept. 17, 2018): On Sunday, September 16th, the ICANN Board adopted a resolution instructing the ICANN Organization to continue the Root KSK Roll as planned, switching the Root KSK at 1600 UTC on October 11, 2018. --------- On October 11, 2018 -- for the first time ever -- the Root Key Signing Key (Root KSK), that is the single root of trust used to verify
New Tsunami/Kaiten Variant: Propagation Status
Ryan Barnett, Principal Security Researcher, Akamai Moshe Zioni, Director of Threat Research, Akamai Recent news reports have highlighted the latest evolution of the Mirai botnet code, which is itself an evolution of the Kaiten botnet. The botnet developers have leveraged features from an open-source project, called Aboriginal Linux, that results in a cross platform compiled binary. Needless to say, this greatly increases the success rates of spreading the Mirai malware
The Dark Side of APIs: Denial of Service Attacks
Ryan Barnett, Principal Security Researcher, Akamai Elad Shuster, Senior Security Researcher, Akamai In this blog post, we will discuss different Denial of Service (DoS) attacks that may negatively impact your API services, as well as mitigations offered by Kona Site Defender (KSD).
Attack Status: Apache Struts Vulnerability (CVE-201 ...
This blog post is a follow-up to https://blogs.akamai.com/2018/08/apache-struts-vulnerability-cve-2018-11776.html and its purpose is to highlight attack data we have seen on the Akamai network related to this vulnerability.