Akamai Diversity

Akamai Security Intelligence
& Threat Research

Akamai SIRT Alerts

Akamai SIRT Alerts

November 28, 2018 9:24 AM

UPnProxy: EternalSilence

By, Chad Seaman Overview: UPnProxy is alive and well. There are 277,000 devices, out of a pool of 3.5 million, running vulnerable implementations of UPnP. Of those, Akamai can confirm that more than 45,000 have been compromised in a widely distributed UPnP NAT injection campaign. These injections expose machines living behind the router to the Internet and appear to target the service ports used by SMB.

Ryan Barnett

Ryan Barnett

November 27, 2018 7:05 AM

Protecting Your Website Visitors from Magecart: Trus ...

There have been many news reports recently which outline how cyber criminals have successfully injected credit card skimming JavaScript code into the checkout process pages of various websites. Dubbed Magecart, these attacks refer to a number of threat actors who are using similar tactics to skim customer data from e-commerce websites. While Magecart is the current threat example, the larger threat is that of malicious JavaScript skimmer code. This blog

Larry Cashdollar

Larry Cashdollar

November 20, 2018 2:00 PM

jQuery File Upload Disclosure Due Diligence

After I disclosed the arbitrary file upload vulnerability in Blueimp's jQuery File Upload project in early October I decided to investigate similar projects. I found a list of the top 20 jQuery file upload projects that listed both free open source and commercial repositories. I started to examine the code that didn't require a purchase, and found the majority didn't provide a method to actually upload the file. They simply

Akamai InfoSec

Akamai InfoSec

November 20, 2018 10:00 AM

An Introduction to Magecart

Written by Steve Ragan Since at least September, a number of criminals have been targeting online shopping carts and skimming credit card data at checkout. Collectively, these criminals are being called Magecart. Researchers at RiskIQ and Flashpoint Intelligence have identified six groups associated with these skimming attacks. Like it or not, the holiday shopping season is here. Over the next few weeks, many of you will be searching out deals

Akamai SIRT Alerts

Akamai SIRT Alerts

November 16, 2018 10:17 AM

Scanning Akamai's Edge Servers for Vulnerabilities, ...

By, Kaan Onarlioglu Continuous monitoring of the Akamai Edge Platform for security vulnerabilities is an integral part of all engineering efforts at Akamai. In addition to our internal vulnerability management program, we engage with third-party assessors to periodically perform external scans of our systems since this is required for compliance with security standards such as PCI DSS and FedRAMP.

Martin McKeay

Martin McKeay

November 5, 2018 3:43 PM

What were the DDoS numbers for Q2 & Q3 2018?

We heard your feedback. First of all, the numbers that everyone is most interested in: There were 2,057 DDoS attacks in the Q1 of 2018, 1839 attacks in Q2 and 2,367 attacks in Q3, for a total of 6,263 DDoS attacks as of September 30th, 2018. Now that's out of the way, the next most important thing to acknowledge is about our reporting period. In the last State of the

Larry Cashdollar

Larry Cashdollar

October 30, 2018 9:00 AM

An Update on the jQuery-File-Upload Vulnerability

In the days following the original post concerning my disclosure of the flaw in jQuery-File-Upload (CVE-2018-9206), many people reached to me with a number of questions on various related topics. I think a blog post is the best way to answer many of them, along with explaining ongoing efforts to identify and patch vulnerable jQuery instances in the wild.

Larry Cashdollar

Larry Cashdollar

October 18, 2018 10:45 AM

Having The Security Rug Pulled Out From Under You

I attended the Messaging, Malware and Mobile Anti-Abuse Working Group (m3aawg.org) meeting in Brooklyn, NY. I expected better weather to wander around the city while enjoying the conference and the neighborhood's wide selection of food. I had been so confident of clear skies that I did not bring a rain jacket. It rained most of the week. This left me somewhat stranded in my hotel room with free Wifi service

Larry Cashdollar

Larry Cashdollar

October 12, 2018 8:14 AM

An Examination of a Phishing Kit Dubbed Luis

There have been plenty of articles describing the structure of phishing emails, and how to spot them. However, less explored, are phishing websites - what they are, how they are used, and how users can protect themselves. We'll take a deep dive into a particular phishing website and the methods used in the author's attempt to avoid detection. While reading through my Twitter feed, I noticed a tweet from @WifiRumHam