Akamai Diversity

Akamai Security Intelligence & Threat Research

AkamAI Research

AkamAI Research

January 9, 2018 6:57 AM

A Death Match of Domain Generation Algorithms

By Hongliang Liu and Yuriy Yuzifovich Originally posted on December 29, 2017 Today's post is all about DGA's (Domain Generation Algorithms): what they are, why they came into existence, what are some use cases where they are used, and, most importantly - how to detect and block them. As we will demonstrate here, the most effective defense against DGAs is a combination of traditional methods with modern machine intelligence.

Mike Kun

Mike Kun

December 15, 2017 2:03 PM

Attack of the Killer ROBOT

On Dec 12th, 2017, researchers Hanno Böck, Juraj Somorovsky and Craig Young published a paper detailing an attack they called the Return Of Bleichenbacher's Oracle Threat (ROBOT)(https://eprint.iacr.org/2017/1189). This attack, as the name implies, is an extension of an attack published in 1998 (https://link.springer.com/content/pdf/10.1007%2FBFb0055716.pdf) that affects systems using certain implementations of RSA key exchange.

Akamai InfoSec

Akamai InfoSec

December 14, 2017 11:54 AM

Akamai, Mirai, & The FBI

Through the end of 2016, and throughout 2017, multiple Mirai-based botnets targeted multiple Akamai customers. The very first Mirai attack against Akamai was a multi-day barrage, weighing in at a peak of 620/Gbps that sent shockwaves across the Internet. The same botnet would go on to conduct several hard hitting attacks across the Internet and cause widespread outages.

Ali Fakeri Tabrizi

Ali Fakeri Tabrizi

October 27, 2017 3:23 PM

The Many Security Usages of Anomaly Detection

The most common use of network infrastructure is to facilitate legitimate communication between two parties across the network. Unfortunately, the same network infrastructure provides an opportunity for malicious communications.

Thanh Nguyen

Thanh Nguyen

October 26, 2017 12:36 PM

The continuous threat of malware hiding in fake Adob ...

Overview The constant stream of Adobe Flash updates has always been a serious security headache. As a matter of fact, using our Domain Reputation System (DRS), we recently discovered hundreds of new core domains per day, each with different subdomains, which trick users to download and install the latest Adobe Flash security patches. The total unique client count for all these names is hundreds of thousands, based on the global

Akamai InfoSec

Akamai InfoSec

October 25, 2017 5:55 AM

What You Need To Know About The "ROCA" vulnerability

By Daniel Franke, Infosec Researcher Akamai is aware of the recently-disclosed "ROCA" vulnerability in cryptographic firmware used in products made by Infineon Technologies. A bug in the firmware's prime-search algorithm used for RSA key generation results in RSA keys that are relatively cheap and inexpensive to factor. The bug impacts Infineon Trusted Platform Modules (TPMs) as well as many smartcards and Hardware Security Modules (HSMs) that use Infineon chips but

Or Katz

Or Katz

October 19, 2017 4:00 PM

Fast Flux Botnet: Research Results

Just like that, another Akamai Edge has come and gone. If you were able to join us this year, I hope you had a chance to stop by my presentation on Threat Intelligence Insights: An In-Depth Analysis of a Fast Flux Botnet.

Hongliang Liu

Hongliang Liu

October 2, 2017 2:30 PM

mpaaweb.com amplification attack: Welcome to a new e ...

In today's post we describe a new amplification attack we've observed only a few days ago, and which we believe is a new phase in the evolution of DDoS attacks. Before getting into the details, let's start with a quick recap of what amplification attacks really are.

Hongliang Liu

Hongliang Liu

September 11, 2017 3:17 PM

Detecting file-less malware with file-less detection

File-less malware is malware that exists exclusively as a computer memory-based artifact (i.e., in RAM). It doesn't write any of its activities to the hard drive, so it has no footprint in the file system. According to Carbon Black, this type of attack is on the rise: 97% of their customers were targeted by a file-less malware in 2016. The reason for its proliferation? Quite simply, it works.