Akamai Diversity

Akamai Security Intelligence & Threat Research

Or Katz

Or Katz

December 14, 2018 8:00 AM

Quiz Phishing: One Scam, 78 Variations

Overview Over the past year, Akamai Enterprise Threat Research team monitored the usage of one particular phishing toolkit in the wild. We previously wrote about this phishing toolkit as "Three Questions Quiz". The "Quiz" toolkit is not new to the threat landscape, as its been used in many phishing campaigns in recent years. Our goal here is to present new insights on the evolution and scale of usage of the

Ryan Barnett

Ryan Barnett

November 27, 2018 7:05 AM

Protecting Your Website Visitors from Magecart: Trus ...

There have been many news reports recently which outline how cyber criminals have successfully injected credit card skimming JavaScript code into the checkout process pages of various websites. Dubbed Magecart, these attacks refer to a number of threat actors who are using similar tactics to skim customer data from e-commerce websites. While Magecart is the current threat example, the larger threat is that of malicious JavaScript skimmer code. This blog

Akamai SIRT Alerts

Akamai SIRT Alerts

November 16, 2018 10:17 AM

Scanning Akamai's Edge Servers for Vulnerabilities, ...

By, Kaan Onarlioglu Continuous monitoring of the Akamai Edge Platform for security vulnerabilities is an integral part of all engineering efforts at Akamai. In addition to our internal vulnerability management program, we engage with third-party assessors to periodically perform external scans of our systems since this is required for compliance with security standards such as PCI DSS and FedRAMP.

Larry Cashdollar

Larry Cashdollar

October 30, 2018 9:00 AM

An Update on the jQuery-File-Upload Vulnerability

In the days following the original post concerning my disclosure of the flaw in jQuery-File-Upload (CVE-2018-9206), many people reached to me with a number of questions on various related topics. I think a blog post is the best way to answer many of them, along with explaining ongoing efforts to identify and patch vulnerable jQuery instances in the wild.

Larry Cashdollar

Larry Cashdollar

October 18, 2018 10:45 AM

Having The Security Rug Pulled Out From Under You

I attended the Messaging, Malware and Mobile Anti-Abuse Working Group (m3aawg.org) meeting in Brooklyn, NY. I expected better weather to wander around the city while enjoying the conference and the neighborhood's wide selection of food. I had been so confident of clear skies that I did not bring a rain jacket. It rained most of the week. This left me somewhat stranded in my hotel room with free Wifi service

Larry Cashdollar

Larry Cashdollar

October 12, 2018 8:14 AM

An Examination of a Phishing Kit Dubbed Luis

There have been plenty of articles describing the structure of phishing emails, and how to spot them. However, less explored, are phishing websites - what they are, how they are used, and how users can protect themselves. We'll take a deep dive into a particular phishing website and the methods used in the author's attempt to avoid detection. While reading through my Twitter feed, I noticed a tweet from @WifiRumHam

Ryan Barnett

Ryan Barnett

October 11, 2018 7:33 AM

Security Response Headers: What They Are, Why You Sh ...

Security response headers are a critical security capability that all organizations should consider. This blog post is the first in a series that will discuss different security headers and go in-depth with how to configure them for maximum benefit. For cyber criminals, attacking a web application directly is not the only option available. They also have the ability target other users of the system in order to steal their information,

Akamai SIRT Alerts

Akamai SIRT Alerts

September 14, 2018 7:44 AM

Root KSK Roll: Replacing the Root of Trust for the D ...

By Tim April -------- Update (Sept. 17, 2018): On Sunday, September 16th, the ICANN Board adopted a resolution instructing the ICANN Organization to continue the Root KSK Roll as planned, switching the Root KSK at 1600 UTC on October 11, 2018. --------- On October 11, 2018 -- for the first time ever -- the Root Key Signing Key (Root KSK), that is the single root of trust used to verify

Ryan Barnett

Ryan Barnett

September 11, 2018 11:48 AM

New Tsunami/Kaiten Variant: Propagation Status

Ryan Barnett, Principal Security Researcher, Akamai Moshe Zioni, Director of Threat Research, Akamai Recent news reports have highlighted the latest evolution of the Mirai botnet code, which is itself an evolution of the Kaiten botnet. The botnet developers have leveraged features from an open-source project, called Aboriginal Linux, that results in a cross platform compiled binary. Needless to say, this greatly increases the success rates of spreading the Mirai malware