
2014 Cybersecurity Threat Advisories

Understand the sources and attributes of emerging cybersecurity threats, and best practices to prevent, identify and mitigate DDoS attacks and vulnerabilities to protect your enterprise.

  • Man-in-the-Middle Attacks Target iOS and Android Threat Advisory
    Published December 17, 2014
    Attackers may be using phishing and remote access Trojans such as Xsser mRAT to target mobile phones for surveillance, stealing credentials and DDoS attacks.

  • Yummba Webinject Tools Threat Advisory
    Published November 20, 2014
    Yummba webinject tools and ATSengine are used to steal bank logins and transfer funds. Includes analysis and vulnerability mitigation.

  • Crafted DNS Attack Threat Advisory
    Published November 11, 2014
    Malicious actors are crafting large TXT records to increase amplification in DNS reflection and amplification attacks.

  • Shellshock Bash Bug DDoS Botnet Threat Advisory
    Published October 30, 2014
    DDoS botnet-builders are using the Shellshock Bash bug in Linux-based, Mac OS X and Cygwin systems to propagate a DDoS botnet, launch DDoS attacks, exfiltrate confidential data and run malicious programs.

  • Poodle SSLv3 Vulnerability Threat Advisory
    Published October 27, 2014
    A Secure Sockets Layer version 3 (SSLv3) vulnerability, CVE-2014-3566, may allow an attacker to calculate the plaintext (cleartext) in secure connections, effectively defeating SSL protection.

  • SSDP Reflection DDoS Attacks Threat Advisory
    Published October 15, 2014
    Vulnerabilities in common devices using the Universal Plug and Play (UPnP) and Simple Service Discovery (SSDP) protocols can be employed as tools for reflection and amplification DDoS attacks.

  • Spike DDoS Toolkit Threat Advisory
    Published September 24, 2014
    The capability of this kit to infect and control a broader range of devices, including Linux and ARM-based devices, allows DDoS attackers to launch large attacks and to propagate botnets in a post-PC era.

  • IptabLes and IptabLex DDoS Bots Threat Advisory
    Published September 3, 2014
    Linux systems are being infiltrated via known vulnerabilities in Apache Struts, Tomcat and Elasticsearch to host IptabLes and IptabLex malware for use in DDoS botnets.

  • Blackshades RAT Threat Advisory
    Published July 9, 2014
    Blackshades RAT crimeware is used for identity theft and blackmail. It allows malicious actors to spy on users by monitoring video and audio, keylogging, harvesting banking and website access credentials, and controlling the victim machine to hijack files and to launch executables.

  • Zeus Crimeware Threat Advisory
    Published June 10, 2014
    The Zeus toolkit is used in many types of cybercrime, including customized attacks to target Fortune 500 enterprises. Attackers leverage the resources of infected devices and extract sensitive information for identity theft and fraud. Includes mitigation details.

  • SNMP Reflector Threat Advisory
    Published May 22, 2014
    Simple Network Management Protocol (SNMP) reflection tools are used by malicious actors to harness devices such as printers, switches, firewalls and routers for use in DDoS attacks. Network administrators need to take the remediation steps described.

  • Storm Network Stress Tester Threat Advisory
    Published April 29, 2014
    The Storm crimeware kit infects Windows XP (and higher) systems for malicious uses and enables file uploads and downloads and the launching of executables, including four DDoS attacks. Remote access lets malicious actors use a PC for malicious activity, such as the infection of other devices.

  • NTP Amplification Threat Advisory
    Published March 12, 2014
    With only a handful of vulnerable NTP servers, NTP amplification attack toolkits enable malicious actors to launch 100 Gbps DDoS attacks and larger.

  • Domain Name System (DNS) Flooder Threat Advisory
    Published February 11, 2014
    Malicious actors are purchasing, setting up and using their own DNS servers in reflection DDoS attacks, avoiding the need to source vulnerable DNS servers on the Internet. Includes a sample payload, analysis, source code, Snort rule, ACL mitigation and two case studies.
