A new Akamai PLXsert whitepaper was released this morning: "Web Vulnerabilities: The foundation of the most sophisticated DDoS campaigns." The paper can be downloaded here.
Security practitioners know this much from long experience:
Attackers who successfully build botnets and launch DDoS campaigns start by exploiting web vulnerabilities. It is the low-hanging fruit. In the white paper, PLXsert explores specific examples of the exploitation of popular web content management systems and web management suites and how these compromises have led to the development of some of the most advanced and difficult-to-stop DDoS campaigns.
- Related podcast: Inside the PLXsert