New Delegated Administration feature in Enterprise Threat Protector

Managing security configurations for large organizations with locations scattered around the world can be challenging. Likewise, some businesses have multiple operating divisions that are separate entities but all use the same IT infrastructure. As an IT leader, you likely want to have consistenc...

U.S. Mid-term Elections and Akamai Enterprise Threat Protector

The last few years have witnessed seismic changes in the world's political landscape and the way elections have been conducted. As of yet, there's no conclusive evidence that the results and outcomes of a country's election process have been impacted by the cyber efforts of internal or foreign...

Managing Thousands of users in Hundreds of branches with a few clicks

We live in a global business world. Almost on a daily basis, we see organizations expanding rapidly across geographies. While businesses in every industry can have international sites, some verticals like banking, finance, education, and retail are more apt to have corporate offices in multiple...

Enhancing API Protection in Web Application Protector

by Volker Tegtmeyer and Hans Cathcart Are your APIs protected? Do you feel your business data is safe? Application Programming Interfaces API are a great tool for developers to build new applications faster. They're great for helping businesses implement and evolve new business models faster by...

Automate Firewall Protection on Your Website

by Volker Tegtmeyer and Hans Cathcart Have you ever felt like you did a great job protecting your mission-critical web applications, only to realize so many more web properties require your attention? Web properties are not all equal, and overloaded security teams can only focus on the most...

Zero Trust Security Architectures - Akamai's Approach

This is Part 5 of a 5 part blog series. Jump to Part 1: Introduction Jump to Part 2: Network Micro-Segmentation Jump to Part 3: Software Defined Perimeter Jump to Part 4: Identity Aware Proxy Introduction In the first part of this blog series, we covered an overview of zero trust architecture...

Accelerating Your Zero Trust Security Transformation with Enterprise Threat Protector

The basic concepts of zero trust security are relatively simple: trust nothing, verify everything, and maintain consistent controls. But, for CISOs and CIOs charged with transforming their legacy moats and castles architecture to one that allows their enterprises to embrace all of the benefits of...

Linux/ARM - sigaction() Based Egghunter (PWN!) + execve Shellcode (52 Bytes)

/ Title: Linux/ARM - sigaction Based Egghunter PWN! + execve"/bin/sh", NULL, NULL Shellcode 52 Bytes Tested: armv7l Raspberry Pi 3 Model B+ Author: Ken Kitahara System Information pi@raspberrypi: $ uname -a Linux raspberrypi 4.14.52-v7+ 1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux...

Linux/x86 - Add User(r00t/blank) Polymorphic Shellcode (103 bytes)

/ Shellcode Title: Linux/x86 - Add Userr00t/blank Polymorphic Shellcode 103 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 gcc -o polyaddusershellcode -z execstack -fno-stack-protector polyaddusershellcode.c / / Disassembly of section...

Linux/x86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)

/ Title: Linux/86 - File Modification/etc/hosts Polymorphic Shellcode 99 bytes Author: Ray Doyle @doylersec Tested on: Linux/x86 gcc -o polyhostsshellcode -z execstack -fno-stack-protector polyhostsshellcode.c / / Disassembly of section .text: 08048060 : 8048060: 29 c9 sub ecx,ecx 8048062: 51 pus...

Getting the most out of your branch local connection

In our global world of business, organizations often have multiple branch offices spanning every country. Some of these branches are quite large with their own IT infrastructure and personnel, while some are very small with just a few employees. In the past, these branch offices were connected to...

Linux/MIPS64 - execve(/bin/sh) Shellcode (48 bytes)

Linux/MIPS64 - execve/bin/sh Shellcode 48 bytes. Shellcode exploit for LinuxMIPS platform / Title: Linux/MIPS64 - execve/bin/sh Shellcode 48 bytes Date: 2018-08-10 Author: Antonio execve/bin/sh shellcode for MIPS64 tested on MIPS Malta - Linux debian-mips64el 4.9.0-3-5kc-malta 48 bytes gcc...

Apache Struts Vulnerability CVE-2018-11776

On Wednesday, August 22nd, the Apache team patched another vulnerability in the Apache Struts2 framework. Apache Struts is an open-source web application framework for developing Java web applications. The vulnerability exists when these conditions are met: 1. The alwaysSelectFullNamespace flag...

How's that Security Back Door Doing? (Part 2)

In the first part of this blog post I wrote about how recursive DNS rDNS is an attack surface that many enterprises don't currently protect. Bad actors are exploiting that fact and developing advanced targeted threats that use DNS to bypass conventional security tools such as firewalls, secure we...

Picking Apart Remcos Botnet-In-A-Box

This blog post was authored by Edmund Brumaghin and Holger Unterbrink with contributions from Eric Kuhla and Lilia Gonzalez Medina. Overview Cisco Talos has recently observed multiple campaigns using the Remcos remote access tool RAT that is offered for sale by a company called Breaking Security...

CoSoSys Endpoint Protector 4.5.0.1 - (Authenticated) Remote Root Command Injection

CoSoSys Endpoint Protector 4.5.0.1 - Authenticated Remote Root Command Injection Title : CoSoSys Endpoint Protector - Authenticated Remote Root Command Injection Date : Vulnerability submitted in 01/12/2017 and published in 01/08/2018 Author : 0x09AL Tested on : Endpoint Protector 4.5.0.1 Softwar...

CoSoSys Endpoint Protector 4.5.0.1 Remote Root Command Injection

Title : CoSoSys Endpoint Protector - Authenticated Remote Root Command Injection Date : Vulnerability submitted in 01/12/2017 and published in 01/08/2018 Author : 0x09AL Tested on : Endpoint Protector 4.5.0.1 Software Link : https://www.endpointprotector.com/ Vulnerable Versions : Endpoint...

CoSoSys Endpoint Protector 4.5.0.1 - Authenticated Remote Root Command Injection Exploit

Exploit for php platform in category web applications Title : CoSoSys Endpoint Protector - Authenticated Remote Root Command Injection Author : 0x09AL Tested on : Endpoint Protector 4.5.0.1 Software Link : https://www.endpointprotector.com/ Vulnerable Versions : Endpoint Protector &1|nc %s %s...

CoSoSys Endpoint Protector 4.5.0.1 - (Authenticated) Remote Root Command Injection

Title : CoSoSys Endpoint Protector - Authenticated Remote Root Command Injection Date : Vulnerability submitted in 01/12/2017 and published in 01/08/2018 Author : 0x09AL Tested on : Endpoint Protector 4.5.0.1 Software Link : https://www.endpointprotector.com/ Vulnerable Versions : Endpoint...

Hp Data Protector Remote Client EXEC_CMD Code Execution - Ver2 (CVE-2011-0923)

A remote code execution vulnerability exists in Hp Data Protector. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...