Get In Touch
March 2014 Archives
Akamai researchers have released fresh details regarding the Wordpress XML-RPC pingback exploits used in a series of DDoS attacks earlier this month. The details are in an advisory written by CSIRT's Larry Cashdollar.
It's that time of again - time for Top Tweets of the Week! We're gearing up for the NAB Show and Second Screen Summit next week, and also pretty excited about helping NBC deliver record amounts of video content during the 2014 Sochi Winter Olympics. Want to know what else has happened at Akamai this week? Check out this weeks installation of "Top Tweets of the Week"
Sometimes 99% just isn't good enough. That is the global Country Level SLA Akamai's Edgescape Pro Service currently commits to. The lack of four 9's or finer granularity to this SLA is quite simple-- Internet IP space is not static. Oh ya, and there are a lot of IPs out there too that move around in fractional blocks including portable IP space, and ISPs jockeying for every last IPV4 address
We hear a lot about the need to educate kids on Internet security threats. But Christopher Burgess, CEO of security consultancy Prevendra, thinks the danger is even greater for senior citizens who haven't had the advantages of growing up in a hyper-connected world. "We focus so much on protecting our kids. Nobody is watching the seniors," he told me in a phone conversation this week. "A lot of people are invested in
A week after the shutdown of Full Disclosure sent shockwaves through the security industry, we're getting word that it's getting a second chance. Nmap Project hacker Gordon Fyodor Lyon announced Tuesday that he's taking on management of the list.
In a market where innovation is the name of the game and competition is fierce, Progressive High Tech organizations must deliver products and services quickly, efficiently and cost effectively. The High Tech Industry must ensure unmatched cloud computing security to prevent malicious attacks, data theft and downtime. Don't leave the quality of your content delivery to chance when the web is strategic to your business. Learn how IBM Edge Delivery
In this week's episode of the Akamai Security Podcast, I talk to Christian Ternus of our adversarial resilience team. He's been the driving force behind "Humanity in Security," an effort to address burnout, depression and stress in the security community.Listen to the full episode HERE.More Akamai Security Podcast episodes are available here.
Here at Akamai, it is our goal to work with Operators to build a more efficient network and a faster Internet service to meet the growing demands of their subscribers. We are thrilled to be announcing a strategic global alliance with one of the largest telecommunications companies in the world to deliver on that goal, Telefonica. And when we say "one of the largest"...Telefonica has over 323 million customers!
Watch this overview of how Akamai helps our customers deliver reliable, fast and secure web experiences with Akamai Director of Web Experience Product Marketing, M.J. Johnson. M.J. also provides an overview of how websites have evolved into full-fledged dynamic applications and how the way users interact with these sites has changed with the proliferation of new devices and variable network conditions.
The final speaker list and agenda have yet to be finalized, but plenty of details are now available regarding BSides Boston 2014. Those details are below. As for the final agenda, stay tuned for that after the call for papers period closes March 31.
The full schedule has been released for next month's SOURCE Boston security conference. This year's keynote speakers are:Internationally renowned security technologist and author Bruce Schneier;Justine Aitel, who manages cyber security and identity programs at Dow Jones; and Dr. Andrea M. Matwyshyn, an academic studying technology innovation and its legal implications, particularly corporate information security regulation and commercial and consumer privacy.The SOURCE website includes podcast interviews with the keynoters as well as
It's Friday again! This week, we attended the Game Developers Conference in San Francisco, enjoyed Pi Day the way it's supposed to be enjoyed (with pie), and wondering what security professionals would ask for if they were granted one wish. It's been busy around here, but it's time to sit back and enjoy this weeks edition of "Top Tweets of the Week"!
The job of security professionals is becoming tougher by the day. While we work hard to ensure that vulnerabilities are covered, an attacker simply needs to find the weakest link. Not a pleasing thought, but often attackers have the time and resources on their side while the "good guys" work under a whole different set of pressures.
International Data Group (IDG) announced yesterday that its Founder and Chairman, Patrick J. McGovern, died March 19 at Stanford Hospital in Palo Alto, California. Having worked at IDG for five years before coming to Akamai, the news made me profoundly sad. But this post is a celebration of a life well lived and the huge legacy he left in the world of tech media and beyond.
There's a lot of valuable perspective out there regarding the shutdown of Full Disclosure, a mailing list where researchers posted details of exploits and software security holes. I'll share that perspective below. But first, here are my thoughts as an ex-journalist who often relied on it for news.
How you measure page can dramatically impact your view on a website's performance. Synthetic testing tools on one hand and Real User Monitoring technology are all useful, but only if you understand what they represent. In this video Mike McCall, Product Architect at Akamai, explains the different measuring tools, and what purpose does each one serve.
The great videos David Spark produced during RSA Conference 2014 keep rolling in. In this latest episode, security professionals are asked what they would want if they could be granted one wish. The answers are amusing and, in most cases, unattainable. Visit the site of our partner Tripwire for a related article.
The competition for wallet share has never been greater. A well designed application delivered over the internet is only as good as the client experience. You need a world class delivery platform! Learn how IBM Edge Delivery Services powered by Akamai transforms the Internet into an Enterprise class network to deliver mission critical Web applications to consumers quickly, reliably and securely. Learn more about becoming an Akamai Partner: http://www.akamai.com/html/partners/index.html Learn
An overview of the online video landscape, consumer expectations and the importance of video quality with Akamai Director of Media Product Marketing, Kurt Michel. Kurt also provides an overview of the quality chain that must be considered when delivering exceptional media experiences: delivery, storage, preparation, protection and analytics.Learn more about Akamai's Media & Delivery Solutions:http://www.akamai.com/html/solutions/sola-solutions.html
One of the big topics at last month's RSA Conference was DevOps, the process by which developers and IT operations work together to speed up development and production at unprecedented levels, pushing sometimes thousands of updates to production in a single day. Gene Kim (@RealGeneKim), author of "The Phoenix Project" and a huge proponent of DevOps production environments, and Josh Corman (@JoshCorman), CTO of Sonatype, explain the benefits in this Tripwire
Following last week's cyber-attacks on Meetup's infrastructure, Antone Gonsalves, a reporter from CSO Online, asked me, for an article he was writing, what steps I would recommend CISOs to take "if they came under a similar attack". I hesitated before giving a softball answer, "don't wait for the attack, prepare for it." I could sense the reporter's frustration immediately. He wanted to give his readers step-by-step instructions, to what I
Our researchers spent much of yesterday tracking a massive DDoS exploiting weaknesses in the Wordpress blogging platform. Most of the news reports are consistent with what we saw, so let's take a look at some of the more comprehensive pieces, starting with a CSOonline blog post from Akamai Security Advocate Dave Lewis. The overall message: This latest attack is just another example of an old and unaddressed problem.
This week's episode of the Akamai Security Podcast is a recap of RSA Conference 2014, and my guests are Stuart Scholly, SVP and General Manager of Akamai's Security Business Unit, Akamai CSO Andy Ellis, and Program Manager Meg Grady-Troia.Listen to the full episode HERE.
Akamai InfoSec personnel will be on hand this weekend to help run the seventh Annual Northeast Collegiate Cyber Defense Competition, in which students are divided into teams to carry out simulated cyber-defense scenarios.
Another eTail West in the Books I look forward to the eTail West Conference every year as a chance to spend time with our industry peers, stay up to date with best practices, and learn about emerging opportunities and technologies in the online retail community. I was inspired by the conference as a whole and impressed with the caliber of attendees and valuable information shared by over 200 retailer speakers. The
There's an interesting article in Computerworld today about the dangers surrounding Microsoft's plan to finally pull the plug on Windows XP. The argument goes something like this: Many people still use XP, and depriving them of future security patches could lead to devastating malware infections and, by extension, myriad forms of mayhem.
Neil shares how Akamai's services transform the cloud from a chaotic place with unpredictable performance and scale to a secure, reliable and cost-effective environment to do business. Neil also gives an overview of how Akamai transforms the cloud to make the Internet fast, reliable and secure and why that matters for your business.Learn more about Akamai's Solutions and how they can move your business faster forward: http://www.akamai.com/html/solutions/index.html
The difference between success and failure comes down to user perception of response time, reliability and safety. Sophisticated online users expect a high quality experience regardless of location and device type. IBM Edge Delivery Services powered by Akamai overcomes the complexities so the Internet works as a trusted, reliable and secure platform. Learn how your company can benefit from IBM Edge Delivery Services.
Akamai InfoSec Program Manager Benjamin Brown will give a talk at two upcoming events called "Meta Cognition and Critical Thinking in Open Source Intelligence (OSINT)."
It's been a busy week here at Akamai. From heading out to #eTailWest to ending the week by celebrating International Women's Day, we have rounded up this weeks "Top Tweets of the Week"! Enjoy!
Patch Tuesday is an important calendar item for Akamai customers, given how dominant Windows machines are in many companies. What follows is a preview of Microsoft's March 2014 Security Update.
The surge in Microsoft [IIS] install base gains reported in the Netcraft February 2014 Web Server Survey presents an opportune time to write about a lesser known behavioral interaction between IIS and Caching Web Proxies as well as other layer 7 network intermediaries that operate similarly. The interaction in question is related to HTTP compression being disabled whenever an HTTP Via header is included in inbound request to the server.
My friend David Spark, founder of Spark Media Solutions, does some outstanding videos each year during RSA. They are educational, humorous and brilliantly edited. His work appears on the site of one of our partners, security vendor Tripwire. Per an agreement, I'm sharing them here as well. Enjoy!
I've been thinking a lot about the culture of security since RSA Conference 2014, and find myself returning to a topic that got me in trouble three years ago.
DNS (Domain Name System) queries are a hidden component of practically everything we do on the web - and specifically, they make up an important part of web browsing. This video explains the core principles of DNS, as they relate to web browsing, and why a fast DNS matters.
No longer is IPv6 "just around the corner". It's here. In the half-year following when I last wrote about our measurements of IPv6 adoption, many of the metrics we were tracking have doubled. This is in large part due to increased adoption of IPv6 by residential broadband networks in the U.S.A. and Germany. As of December 2013, we were serving over 20 billion IPv6 requests per day, double the 10
Dr. Michael Wu, PhD, chief scientist at Lithium presented a workshop in the (very cold) Boston area this past week called "the science + ROI of social media influence". I stress the very cold statement as when we discussed the topic of "creditability" he pointed out that he is not credible when it comes to clothing. His wife, however is very credible, as she picks out his clothes. He was
As you might have already read, we were at RSA Conference in San Francisco last week. For the first time, I had the opportunity to live-tweet the entire conference: from William Shatner's musical opening, to Andy Ellis', Or Katz's and Tsvika Klein's talks, to Stephen Colbert's closing keynote. Did you miss RSA Conference this year? Read our Twitter stream to follow the various talks and events from each day. Enjoy!