Understand the sources and attributes of emerging cybersecurity threats, and best practices to prevent, identify and mitigate DDoS attacks and vulnerabilities to protect your enterprise.
Most Recent Threat Advisories
Threat Advisory: 2016 State of the Dark Web
Published February 14, 2017
2016 was an active year for the dark web. New cryptocurrencies found use alongside Bitcoin (BTC), and the general offerings of the dark web markets shifted significantly. In this threat advisory, readers will be able to learn more about the dark web, what happened in 2016 and what may happen in 2017.
Threat Advisory: mDNS Reflection DDoS
Published December 22, 2016
The Akamai Threat Research team recently observed an increase in the use of Multicast Domain Name Services (mDNS) in DDoS attacks. The team researched the usage of the protocol and dissected the potential of this relatively new attack vector.
Threat Advisory: Mirai Botnet
Published December 21, 2016
This advisory provides information about attack events and findings prior to the Mirai code release, as well as those occurring following its release. The advisory will also summarize pertinent research data and ultimately the processes that led to the associated findings.
Threat Advisory: 2016 Holiday Shopping Advisory
Published November 22, 2016
The 2016 holiday shopping season is fast approaching. More and more, shoppers are opting to make their purchases online rather than risk the frothing hordes at brick and mortar stores. With this in mind, now is a good time to review the potential threats retailers' digital properties may run into, and what they can do about them.
Threat Advisory: Exploitation of IoT devices for Launching Mass-Scale Attack Campaigns
Published October 11, 2016
Akamai's Threat Research team recently reported on a case where millions of Internet-connected (IoT) devices were being used as the source for web-based credential stuffing campaigns. When the team dug a little deeper, they found evidence that these devices were being used as proxies to route malicious traffic due to some default configuration weaknesses in their operating systems.
Threat Advisory: Kaiten/STD Router DDoS Malware
Published October 1, 2016
Akamai's Threat Research examines the Kaiten/STD botnet which targets Small Office/Home Office routers, IP Cameras and DVRs to create an Internet of Things-based botnet. This malware is closely related to the Mirai botnet family.
Case Study: Analysis of XSS Exploitation Through Remote Resource Injection
Published August 9, 2016
Akamai's Threat Research breaks down the nature of cross-site scripting (XSS) attacks based on observations of attack triggers across the Akamai Cloud Security Intelligence (CSI) platform.
Attack Spotlight: 363 Gbps DDoS Attack
Published July 25, 2016
In-depth analysis of one of the largest confirmed Distributed Denial-of-Service (DDoS) attacks of the year on the Akamai routed solution. This multi-vector attack employed six vectors simultaneously and peaked at 363 Gigabits per second (Gbps).
Timeline of DDoS Campaigns Against MIT
Published July 22, 2016
Akamai SIRT reviews and analyzes the DDoS attack campaigns leveraged against the Massachusetts Institute of Technology (MIT) network during 2016. Since January, the network has been targeted by more than 35 DDoS attacks, with close to 43% of attack vectors leveraging reflection and amplification.
Medium Risk DDoS Threat Advisory: Trivial File Transfer Protocol (TFTP) Reflection DDoS
Published June 1, 2016
A new DDoS reflection and amplification method has been observed abusing Trivial File Transfer Protocol (TFTP), continuing the trend of UDP-based protocols for malicious use.
High Risk DDoS Threat Advisory: #OpKillingBay Expands Targets Across Japan
Published April 21, 2016
Akamai SIRT tracks the resurgence of the malicious actor group operating under the name #OpKillingBay, which over the last three years has targeted Japanese companies affiliated with whale and dolphin hunting. Since the beginning of 2016, SIRT has seen the group's hacking activities expand across industries not directly affiliated, including automotive and even government domains.
High Risk DDoS Threat Advisory: BillGates Botnet
Published April 4, 2016
Akamai SIRT has been tracking the threat posed by the recently discovered BillGates botnet – an evolving botnet from the XOR family previously reported on last year.
Disclaimer: The malware was named after Microsoft’s former CEO, Bill Gates, based on the fact that it targets Linux machines instead of Windows. However, the malware is not affiliated in any way with Microsoft Corporation or its founder, Bill Gates.
DNSSEC Amplification DDoS
Published February 16, 2016
DNS reflection and amplification DDoS attacks are now being observed abusing DNSSEC-configured domains, effectively using DNS resolvers as a shared botnet.
Continuous Uptick in SEO Attacks
Published January 12, 2016
Attackers are leveraging SQL injection vulnerabilities within websites to inject bogus web content and manipulate Search Engine Optimization (SEO) rankings.