In addition to driving industry-leading security intelligence, Akamai threat researchers regularly publish in academic journals and present at conferences and industry association events, sharing mitigation strategies and data focused on the constantly evolving security landscape.
THREAT RESEARCH BLOG
Phishing Detection Via Analytic Networks
We review the use of analytics in phishing and discuss how Akamai uses these identifiers to detect new phishing campaigns.
THREAT RESEARCH BLOG
A Cryptomining SSH Worm
We take a deep dive through each phase of an interesting cryptomining script.
FEATURED SECURITY VIDEO
Behind the Scenes with the Akamai Security Intelligence Response Team
FEATURED SECURITY REPORT
Despite waves of user training and endpoint defenses, phishing still works. Verizon reports that 32% of all data breaches and 78% of cyber-espionage incidents involved some form of phishing.
Today, criminals use phishing kits, sold on the dark web, to better impersonate well-known brands while mobile devices and social media help attacks propagate more quickly. In this new report, we look at how this oldest of cyberattacks has evolved to ensnare even the savviest security teams and users. Download your complimentary copy now.Download the report
FEATURED THREAT ADVISORY
Multiple Vulnerabilities in Magento: Earlier this week, Magento disclosed a new set of vulnerabilities affecting versions 2.0 and up. With a proof of concept exploit already published and the an SQL injection vulnerability being actively exploited, we look at how you can determine if you have been targeted and recommended remedial actions to be taken.
Security Intelligence and Threat Research Blogs
- New DDoS Vector Observed in the Wild: WSD Attacks Read Blog Post
- XMR Cryptomining Targetng X86/I686 Systems Read Blog Post
- Summer Phishing Scams Targeting Vacation Hotspots Read Blog Post
- Criminals Using Targeted Remote File Inclusion Attacks in Phishing Campaigns Read Blog Post
- Adversarial DGA - Is It Out There? Read Blog Post
- Pykspa v2 DGA Updated to Become Selective Read Blog Post
- Anatomy of a SYN-ACK Attack Read Blog Post
Technical Threat Research
- Strategies for Active IPv6 Topology Discovery Read Publication
- Advancing the Art of Internet Edge Outage Detection Read Publication
- Improving Bitrate Adaptation in the DASH Reference Player Read Publication
- State of the Internet / Security: Media Under Assault Read Report
- 2019 State of the Internet / Security: Financial Services Attack Economy Read Report
- 2019 State of the Internet / Security: Web Attacks and Gaming Abuse Read Report
- 2019 State of the Internet / Security: Credential Stuffing - Attacks and Economies Read Report
- 2019 State of the Internet / Security: Retail Attacks and API Traffic Report Read Report
- 2019 State of the Internet / Security: DDoS and Application Attacks Report Read Report
Lisa Beegle is the Senior Manager of Info Security at Akamai and part of her core responsibility is oversight of Akamai’s Security Incident Response Team (SIRT). The Akamai SIRT specializes in the research of hacking tools and attack techniques. She leverages her knowledge and experience related to attack events over the past decade to help educate organizations on arising threats for situational awareness and to solidify their security posture, preparedness, and process.
The latest threat advisories, network security white papers, and cloud security news with updates on DDoS attacks, botnets, malware, ransomware, and other cybersecurity vulnerabilities.
- Multiple Magento Vulnerabilities: Learn about a new set of exploits, checks, and recommended fixes Read Report
- Satori Mirai Variant Alert: We look at new Mirai exploits that target multiple vulnerabilities Read Report
- CLDAP Reflection: We analyze the capabilities of and defenses against a new CLDAP method Read Report
Network Security White Papers
- Web Vulnerabilities: The Foundation of the Most Sophisticated DDoS Campaigns Read the whitepaper
- Plan vs. Panic: Making a DDoS Mitigation Playbook Part of Your Incident Response Plan Read the whitepaper
- IDC: Worldwide DDoS Prevention Products and Services 2013–2017 Forecast Read the whitepaper
Our unprecedented visibility provides insights into DNS and IP traffic that inform threat visualizations to reveal risk factors and attacks blocked, and provide critical security data.
Daily threat levels by industry and region containing informed Internet security metrics.Learn More
Akamai Threat Research in the News
Top stories in the security industry trade, with insights from our threat intelligence research experts.
Chad Seaman on the Akamai SIRT team’s WS-Discovery protocol exploitation research and how reflection DDoS attacks are a fact of life in the Internet.Read on Wired
Steve Ragan and Or Katz share their thoughts on the evolution of phishing techniques and how evasion is at the forefront of phishing kit creators.Read on Dark Reading
Lisa Beegle on the latest DDoS attack trends, including how threat actors are embracing the DDoS for Hire underground market.Read on CRN
Chad Seaman discusses how DDoS as a Service is alive and well, and continues to be fueled by Akamai SIRT team’s latest discovery.Read on Fortune
Nelson Rodriguez discusses ransomware attacks against Fortnite players and how game publishers and players can help avoid and mitigate cyberattacks.Read on Venture Beat
What's New In Publishing
Tara Bartley writes about the dilemma that web publishers face when it comes to blocking bot traffic, despite the security risks they may pose.Read on What's New In Publishing
Meet Us at the Edge
Get the latest security research firsthand - meet our threat intelligence experts face-to-face at industry events throughout the year.
An array of useful threat research tools from browser debugging to firmware updates.
- MQTT-PWN A comprehensive solution for IoT broker penetration-testing and security assessment operations. Learn More
- JSShell An interactive multi-user web JS shell. Learn More
- Pipiot Double architecture x86/ARM malicious payload construction. Learn More
- Sonoff-Evil Firmware PoC that demos exploitation by MQTT. Learn More
- Sonoff-Angel Firmware that hardens usage of dangerous MQTT routines. Learn More
Robust compliance assessment programs, personal data processing services, and Payment Card Industry Data Security Standard (PCI DSS) certification.
Learn more about Akamai’s comprehensive compliance assessment programs and how we work with customers to obtain and maintain compliance.Learn More
Read more about Akamai’s personal data processing activities associated with the services it provides to customers.Learn More