Latest news with #Akamai
Techday NZ
12 hours ago
- Business
- Techday NZ
Ransomware threats rise, attackers adopt quadruple extortion
A new cybersecurity report highlights the increasing complexity and destructiveness of ransomware attacks targeting businesses and organisations in 2025, with attackers employing advanced extortion tactics and expanding their methods. Akamai has released a qualitative research report entitled "Building resilience amid a volatile threat landscape," which provides an analysis of the operations of prolific ransomware groups such as BlackCat/ALPHV, LockBit, Clop, and RansomedVC. The report explores how these groups have adapted their strategies in response to technological advancements and recent regulatory developments in the UK and elsewhere. Quadruple extortion The report identifies the emergence of quadruple extortion as a growing trend among cybercriminals. Traditionally, ransomware attacks followed a double extortion model, where attackers encrypted a victim's data and threatened to leak it publicly if a ransom was not paid. The new quadruple extortion tactics combine encryption with distributed denial-of-service (DDoS) attacks, public harassment, and threats of regulatory exposure, increasing the pressure on targeted organisations. "Ransomware threats today aren't just about encryption anymore. Attackers are using stolen data, public exposure, and service outages to increase the pressure on victims. These methods are turning cyberattacks into full-blown business crises, and are forcing companies to rethink how they prepare and respond," said Steve Winterfeld, Advisory CISO at Akamai. The sophistication of ransomware groups has been enabled in part by affiliate models, which allow individuals with varying technical abilities to participate in large-scale campaigns. The research found that ideological motivations are also playing a greater role, with some groups driven by political or social causes in addition to financial gain. This complicates the attribution of attacks and presents new challenges for defenders. GenAI and social engineering Another major development highlighted by Akamai is the use of generative artificial intelligence (GenAI) and large language models (LLMs) to automate aspects of ransomware campaigns. The report notes that such technologies are making it easier for less technically skilled individuals to write ransomware code and enhance social engineering tactics. This has contributed to an increase in both the frequency and scale of attacks in the past year. Hacktivist and ransomware hybrid groups have become more prominent, often utilising ransomware-as-a-service (RaaS) platforms to extend their reach. Dragon RaaS, which emerged in 2024 from the Stormous group, is cited as an example of this trend, having shifted its focus from large corporations to smaller organisations perceived as having weaker security defences. Impact on nonprofits and education The report also addresses the issue of cryptominers, which while distinct from ransomware actors, often use similar tactics and target sectors believed to be vulnerable. Akamai researchers found that nearly half of the cryptomining attacks examined targeted nonprofit and educational organisations, likely due to resource limitations in these industries. In addition, the TrickBot malware family is identified as a major tool for ransomware deployment. Since 2016, TrickBot has been used by ransomware groups globally to extort more than USD $724 million in cryptocurrency from victims. The Akamai Guardicore Hunt Team recently linked this malware to suspicious activity on the systems of several customers. Regulatory landscape The report provides an analysis of current legal and regulatory efforts influencing how organisations respond to ransomware incidents. Akamai's Vice President and Chief Privacy Officer, James A. Casey, commented on the need for organisations to adopt comprehensive cybersecurity strategies in light of evolving threats and regulatory requirements. Casey notes that while existing cybersecurity laws apply to ransomware, specific regulations focus on discouraging ransom payments. He also highlights the importance of robust cybersecurity measures, incident reporting, and risk management, as well as strategies like Zero Trust and microsegmentation, to build resilience against evolving ransomware threats. Casey stresses the necessity for organizations to stay informed and adapt to emerging threats. The report presents several actionable recommendations for security teams looking to anticipate and counter attacker tactics in 2025. These include staying abreast of the latest threat actor techniques, investing in robust cybersecurity defences such as zero trust and microsegmentation, and ensuring timely incident reporting and risk management strategies are in place. The detailed findings aim to provide organisations with the information they need to strengthen their resilience against ransomware, as threat actors continue to diversify their motives and approaches in a rapidly changing environment.
Indian Express
7 days ago
- Indian Express
Warning: This malware is using a Windows feature to steal your banking details
Security researchers have stumbled across a new variant of the infamous Coyote malware that uses a Windows feature to steal bank credentials. Discovered by Akamai, a cybersecurity firm that helps prevent, detect and mitigate cyberthreats, Coyote is now using a Windows feature called the UI Automation framework to understand which cryptocurrency and exchange websites are accessed by users to steal wallets and banking information. For those wondering, Microsoft's UI Automation framework allows applications to use assistive technologies to interact and control user elements. As for Coyote, the malware uses various techniques like keylogging and phishing overlays to steal banking information using the Squirrel installer, a popular tool that helps install and update Windows-based applications. Cybersecurity researchers say that the malware sends detailed information like computer name, user name, system attributes and information about the financial services used by the victim to its command and control centre. It then invokes a Windows API called GetForegroundWindow() to get control of the currently active window and compares it to a hardcoded list of banking websites and cryptocurrency exchanges. If it is unable to find a target in the window title, it then makes use of the Windows UI Automation service to get the web address and compare it with its list. And while Coyote's use of UIA is currently limited to the reconnaissance phase, security researchers at Akamai have shared a proof-of-concept that shows how the Windows feature can be used to steal login credentials entered on these websites. Currently, the malware is targeting Brazilian users, but researchers say that it is common for cybercriminals to test the effectiveness of a new malware in a specific region before they unleash it worldwide. Recently, cybersecurity researchers came across the first-of-its-kind AI-powered malware called 'LameHug' that hides itself in ZIP archives to infect Windows machines.
Globe and Mail
7 days ago
- Business
- Globe and Mail
RBC Capital Sticks to Their Hold Rating for Akamai (AKAM)
In a report released on July 20, Rishi Jaluria from RBC Capital maintained a Hold rating on Akamai, with a price target of $80.00. The company's shares closed yesterday at $78.71. Elevate Your Investing Strategy: Take advantage of TipRanks Premium at 50% off! Unlock powerful investing tools, advanced data, and expert analyst insights to help you invest with confidence. Jaluria covers the Technology sector, focusing on stocks such as Salesforce, Microsoft, and Pegasystems. According to TipRanks, Jaluria has an average return of -9.3% and a 45.60% success rate on recommended stocks. Currently, the analyst consensus on Akamai is a Hold with an average price target of $92.55. AKAM market cap is currently $11.5B and has a P/E ratio of 26.54.
Time of India
21-07-2025
- Business
- Time of India
'Don't let LLM's success cloud your judgment': Tech CTO shares hard-hitting AI truths for businesses
When Hype Becomes Hazard More Than Just LLMs Let Curiosity Lead, Not Cost Why This Matters Now You Might Also Like: GitHub CEO calls out AI panic, explains why the idea of coding skills becoming obsolete is 'mistaken' Speaking at the recent MIT Technology Review EmTech AI Conference, Akamai CTO Robert Blumofe offered a refreshingly grounded perspective on how enterprises can break free from the relentless " AI hype cycle "—a pattern where curiosity turns to FOMO, and hastily adopted AI solutions lead to disappointment. His four-point roadmap, shaped by Akamai's own AI journey, serves as a crucial reality check in a world increasingly driven by artificial who also holds a PhD in computer science from MIT, described a familiar trap that many organizations are falling into. 'That's the chain: AI success, theater, FOMO, and some form of failure,' he said during his talk. Businesses, in their rush to appear cutting-edge, mistake early-stage use cases for scalable solutions—plunging into costly and ineffective AI this problem isn't niche. According to a Pew Research study cited in his address, only 1 in 6 U.S. workers currently use AI at work, revealing a stark gap between AI's perceived and practical utility. 'Most jobs at this point can benefit from AI,' said Blumofe. 'It's a matter of which tasks can most benefit, and how, using which form of AI.'Blumofe urged companies to look beyond the fascination with large language models . While LLMs like ChatGPT have demonstrated remarkable versatility—from email classification to customer support—they're not the silver bullet for every enterprise challenge.'In many ways, an LLM is a ridiculously expensive way to solve certain problems,' he noted, pointing to Akamai's use of purpose-built models in cybersecurity threat detection. Models like these, he argued, offer more efficiency and relevance than a trillion-parameter advice? Think smaller and sharper. LLMs are just one tool in a vast AI toolkit. Symbolic AI, deep learning, and ensemble models can be better suited for tasks that require precision, logic, and domain approach to fostering AI adoption is democratic: let employees experiment. The company built an internal AI sandbox, giving teams the freedom to play, build, and discover practical applications on their own terms. While the setup may test IT infrastructure limits, Blumofe insists the freedom sparks innovation. 'I feel no need to evaluate each use case,' he when asked about companies that require hiring managers to prove AI can't do a job before hiring a human, Blumofe didn't mince words: 'That's getting the tail before the dog.' The question shouldn't be, 'Why not AI?' but 'What's the right tool for the problem at hand?'Blumofe's caution comes at a pivotal moment in AI's evolution. As VentureBeat recently reported, major players like OpenAI, DeepMind, and Meta are collaborating to raise alarms about AI systems potentially becoming too smart—and too opaque. A recent paper on 'Chain of Thought Monitorability', endorsed by AI luminaries like Geoffrey Hinton, warns that if LLMs start thinking in ways we can't interpret, we risk losing why responsible leadership matters now more than ever. The real AI revolution won't be won by the company with the flashiest chatbot—but by the one that knows exactly when, why, and how to use it.
Yahoo
11-07-2025
- Business
- Yahoo
CISA confirms hackers are actively exploiting critical ‘Citrix Bleed 2' bug
U.S. cybersecurity agency CISA says hackers are actively exploiting a critical-rated security flaw in a widely used Citrix product, and has given other federal government departments just one day to patch their systems. Security researchers have dubbed the bug 'Citrix Bleed 2' for its similarity to a 2023 security flaw in Citrix NetScaler, a networking product that large companies and governments rely on for allowing their staff to remotely access apps and other resources on their internal networks. Much like the earlier bug, Citrix Bleed 2 can be remotely exploited to extract sensitive credentials from an affected NetScaler device, allowing the hackers broader access to a company's wider network. In an alert on Thursday, CISA said it had evidence that the bug was being actively used in hacking campaigns, adding to the raft of research and findings pointing to widespread exploitation, with some reporting hacks dating back as far as mid-June. Akamai said it saw a 'drastic increase' in efforts to scan the internet for affected devices after details of the NetScaler exploit were published earlier this week. CISA said the NetScaler bug poses a 'significant risk' to the federal government's systems, and ordered federal government agencies to patch any Citrix device affected by the bug by Friday. For its part, Citrix has not yet acknowledged that the vulnerability is being exploited. The company's security advisory urges customers to update affected devices as soon as possible. Citrix representatives did not respond to TechCrunch's request for comment. Sign in to access your portfolio
