In addition to driving industry-leading security intelligence, Akamai threat researchers regularly publish in academic journals and present at conferences and industry association events, sharing mitigation strategies and data focused on the constantly evolving security landscape.
FEATURED SECURITY VIDEO
Stories from the Security Operations Command Center
FEATURED SECURITY REPORT
This special media edition focuses on the hundreds of millions of credential stuffing attacks that occur each day, especially those aimed at media organizations. The report describes tools and tutorials available online, including All-in-One (AIO) applications such as SNIPR.
The report also looks at the thriving darknet marketplaces for stolen accounts, and methods to reduce the threat of credential stuffing attacks recommended by Akamai security researchers.Download the report
FEATURED THREAT ADVISORY
Multiple Vulnerabilities in Magento: Earlier this week, Magento disclosed a new set of vulnerabilities affecting versions 2.0 and up. With a proof of concept exploit already published and the an SQL injection vulnerability being actively exploited, we look at how you can determine if you have been targeted and recommended remedial actions to be taken.
- Phishing Attacks Against Facebook/Google via Google Translate Read Blog Post
- InfoSec Experiment — Letting the CAT Out of the Bag Read Blog Post
- ThinkPHP Exploit Actively Exploited in the Wild Read Blog Post
Technical Threat Research
- Strategies for Active IPv6 Topology Discovery Read Publication
- Advancing the Art of Internet Edge Outage Detection Read Publication
- Improving Bitrate Adaptation in the DASH Reference Player Read Publication
Larry Cashdollar is a member of Akamai’s Security Incident Response Team (SIRT) and has worked as a vulnerability researcher in the security field for almost two decades. Larry studied computer science at the University of Southern Maine. He has published over 300 software vulnerabilities and has presented his research at BSides Boston, OWASP Rhode Island, and DEF CON.
The latest threat advisories, network security white papers, and cloud security news with updates on DDoS attacks, botnets, malware, ransomware, and other cybersecurity vulnerabilities.
- Multiple Magento Vulnerabilities: Learn about a new set of exploits, checks, and recommended fixes Read Report
- Satori Mirai Variant Alert: We look at new Mirai exploits that target multiple vulnerabilities Read Report
- CLDAP Reflection: We analyze the capabilities of and defenses against a new CLDAP method Read Report
Network Security White Papers
- Web Vulnerabilities: The Foundation of the Most Sophisticated DDoS Campaigns Read the whitepaper
- Plan vs. Panic: Making a DDoS Mitigation Playbook Part of Your Incident Response Plan Read the whitepaper
- IDC: Worldwide DDoS Prevention Products and Services 2013–2017 Forecast Read the whitepaper
Our unprecedented visibility provides insights into DNS and IP traffic that inform threat visualizations to reveal risk factors and attacks blocked, and provide critical security data.
Daily threat levels by industry and region containing informed Internet security metrics.Learn More
Akamai Threat Research in the News
Top stories in the security industry trade, with insights from our threat intelligence research experts.
Multiple threat actors are using relatively simple techniques to take advantage of this vulnerability.Read on Dark Reading
Despite available patches, unpatched installations are enticing targets for malicious actors.Read on TechRepublic
Akamai reveals widespread scanning for the recently disclosed remote code execution vulnerability.Read on Security Week
The “Three Questions Quiz” is a scam, regardless of which legitimate brand it’s attempting to imitate.Read on SC Magazine
More than a year after patches were released, hundreds of thousands of computers are still unpatched and vulnerable.Read on TechCrunch
A fix is out, but the plugin is used in hundreds, if not thousands, of projects. Patching will take ages!Read on ZDNet
Meet Us at the Edge
Get the latest security research firsthand - meet our threat intelligence experts face-to-face at industry events throughout the year.
An array of useful threat research tools from browser debugging to firmware updates.
- MQTT-PWN A comprehensive solution for IoT broker penetration-testing and security assessment operations. Learn More
- JSShell An interactive multi-user web JS shell. Learn More
- Pipiot Double architecture x86/ARM malicious payload construction. Learn More
- Sonoff-Evil Firmware PoC that demos exploitation by MQTT. Learn More
- Sonoff-Angel Firmware that hardens usage of dangerous MQTT routines. Learn More
Robust compliance assessment programs, personal data processing services, and Payment Card Industry Data Security Standard (PCI DSS) certification.
Learn more about Akamai’s comprehensive compliance assessment programs and how we work with customers to obtain and maintain compliance.Learn More
Read more about Akamai’s personal data processing activities associated with the services it provides to customers.Learn More