In addition to driving industry-leading security intelligence, Akamai threat researchers regularly publish in academic journals and present at conferences and industry association events, sharing mitigation strategies and data focused on the constantly evolving security landscape.
THREAT RESEARCH BLOG
Do Not Trust User Input While Rendering PDFs
365体育网址We examine the usage of PDF renders on the Internet.
THREAT RESEARCH BLOG
Access and Threat Insights: Thanksgiving
We provide insights into enterprise access and threats during the thanksgiving holiday.
FEATURED SECURITY VIDEO
Behind the Scenes with the Akamai Security Intelligence Response Team
FEATURED SECURITY REPORT
2019 was a big year in security. While Facebook breaches and ransomware attacks made headlines, security professionals worked behind the scenes to fend off vulnerabilities, bots, and other threats.
In our new 2019 — A Year in Review report, we reexamine the year’s most important security developments, with a focus on research from Akamai’s Security Intelligence Response Team (SIRT). Also included are updated charts relating to DDoS targets, credential stuffing, and web application attack vectors. Download the report now.Download the report
FEATURED THREAT ADVISORY
Fake Cozy Bear Group Making DDoS Extortion Demands:A group calling themselves "Cozy Bear" has been emailing various companies with an extortion letter, demanding payment and threatening targeted DDoS attacks if their demands are not met. We take a deep dive into their methods, suggest countermeasures, and examine a real extortion letter.
Security Intelligence and Threat Research Blogs
- Update to x86 XMR Crypto Mining Blog Post
- Out of Season IRS Phishing Campaigns
- Phishing Detection Via Analytic Networks
- A Cryptomining SSH Worm
- Drupalgeddon2 Still Used in Attack Campaigns
- New DDoS Vector Observed in the Wild: WSD Attacks
- XMR Cryptomining Targetng X86/I686 Systems
- Summer Phishing Scams Targeting Vacation HotspotsRead Blog Post
Technical Threat Research
- Strategies for Active IPv6 Topology DiscoveryRead Publication
- Advancing the Art of Internet Edge Outage DetectionRead Publication
- Improving Bitrate Adaptation in the DASH Reference PlayerRead Publication
- State of the Internet / Security: Phishing — Baiting the HookRead Report
- State of the Internet / Security: Media Under AssaultRead Report
- 2019 State of the Internet / Security: Financial Services Attack EconomyRead Report
- 2019 State of the Internet / Security: Web Attacks and Gaming AbuseRead Report
- 2019 State of the Internet / Security: Credential Stuffing - Attacks and EconomiesRead Report
- 2019 State of the Internet / Security: Retail Attacks and API Traffic ReportRead Report
- 2019 State of the Internet / Security: DDoS and Application Attacks ReportRead Report
Kaan Onarliogluis an architect with Akamai's Security Intelligence team. During the day he shifts between helping Akamai engineers build a secure CDN, and educating our customers on our security stance. At night Kaan dons his white coat and leads an international team of scientists on academic research projects. Kaan has authored scholarly papers in top security venues including IEEE S&P, Usenix Security, ACM CCS, and NDSS. He is active in many branches of systems security research, with a focus on exploring the human factors therein and engineering practical technologies. He is oddly excited about the resurgent web cache poisoning attacks.
365体育网址The latest threat advisories, network security white papers, and cloud security news with updates on DDoS attacks, botnets, malware, ransomware, and other cybersecurity vulnerabilities.
- Multiple Vulnerabilities in Magento: We look at how you can determine if you have been targeted and recommended remedial actions to be takenRead Report
- Multiple Magento Vulnerabilities: Learn about a new set of exploits, checks, and recommended fixesRead Report
- Satori Mirai Variant Alert: We look at new Mirai exploits that target multiple vulnerabilitiesRead Report
- CLDAP Reflection: We analyze the capabilities of and defenses against a new CLDAP methodRead Report
Network Security White Papers
- Web Vulnerabilities: The Foundation of the Most Sophisticated DDoS CampaignsRead the whitepaper
- Plan vs. Panic: Making a DDoS Mitigation Playbook Part of Your Incident Response PlanRead the whitepaper
- IDC: Worldwide DDoS Prevention Products and Services 2013–2017 ForecastRead the whitepaper
Our unprecedented visibility provides insights into DNS and IP traffic that inform threat visualizations to reveal risk factors and attacks blocked, and provide critical security data.
365体育网址Daily threat levels by industry and region containing informed Internet security metrics.Learn More
365体育网址The total of all web application attacks observed in the past 24 hours.Learn More
Akamai Threat Research in the News
Top stories in the security industry trade, with insights from our threat intelligence research experts.
Chad Seaman weighs in on how some of the biggest threats of 2019 will likely trend for 2020. Work from Akamai’s security researchers is featured as well.Read on CSO
Andy Ellis provides his take on some outdated security rules we all know (and maybe live by) that no longer apply.Read on Dark Reading
365体育网址An article about an alert issued by Akamai’s Security Intelligence Response Team (SIRT) about how a fake Cozy Bear group was making DDoS extortion demands.Read on CyberScoop
365体育网址Or Katz tracks a surge in IRS phishing sites in what seems to be an unusual time of the year for this type of activity.Read on Ars Technica
365体育网址Steve Ragan and Jonathan Singer discuss how online games are juicy targets for nefarious hacking activities, and how players and companies can protect themselves.Read on Venture Beat
365体育网址Steve Winterfeld on how cybercriminals continue to develop and evolve an ecosystem that allows for rapid flexibility across different business models.Read on RSA Conference
Meet Us at the Edge
Get the latest security research firsthand - meet our threat intelligence experts face-to-face at industry events throughout the year.
February 24–28, 2020
San Francisco, CA
365体育网址An array of useful threat research tools from browser debugging to firmware updates.
- MQTT-PWNA comprehensive solution for IoT broker penetration-testing and security assessment operations.Learn More
- JSShellAn interactive multi-user web JS shell.Learn More
- PipiotDouble architecture x86/ARM malicious payload construction.Learn More
- Sonoff-EvilFirmware PoC that demos exploitation by MQTT.Learn More
- Sonoff-AngelFirmware that hardens usage of dangerous MQTT routines.Learn More
Robust compliance assessment programs, personal data processing services, and Payment Card Industry Data Security Standard (PCI DSS) certification.
365体育网址Learn more about Akamai’s comprehensive compliance assessment programs and how we work with customers to obtain and maintain compliance.Learn More
365体育网址Read more about Akamai’s personal data processing activities associated with the services it provides to customers.Learn More