Akamai Diversity

The Akamai Blog

November 2014 Archives

Bill Brenner

Bill Brenner

November 25, 2014 7:38 AM

8 Security Measures for IT Shops This Holiday Season

We've offered a lot of security advice for those shopping online this holiday season. But what about the IT practitioners responsible for securing sites those customers are using?This post is for them.Here are some words of wisdom I've picked up from security pros over the years. Some of the advice may seem obvious. But as I said yesterday, repetitive advice tends to be necessary in this hyper-connected, fast-paced world of

Akamai

Akamai

November 24, 2014 3:04 PM

The 2014 Shopping Season is Here: What's to Come?

And so it has begun. Thanksgiving and the busiest days of the holiday shopping season are upon us - and that means massive online traffic growth. Last year at this time, Akamai's Lorenz Jakober reviewed ecommerce and holiday spending predictions, and hypothesized that our Akamai Retail Net Usage Index (NUI) could top 10 million page views per minute during the 2013 Black Friday and Cyber Monday weekend, and he

Bill Brenner

Bill Brenner

November 24, 2014 7:12 AM

Online Shopping Scams and How to Avoid Them

We recently shared five tips from Akamai Security Advocate Dave Lewis on how to avoid traps attackers set for online holiday shoppers. Today, we share articles from various publications to help you identify and avoid the most typical scams.Tomorrow, I'll have a new post on things IT practitioners can do for their retail employers to harden systems against attack. The advice is important, because for every 100 failed online scams

Michael Gooding

Michael Gooding

November 21, 2014 10:00 AM

Using real time monitoring insights from the holiday ...

You've spent countless hours readying your eCommerce site for the holiday season. It's time to sit back, sip some eggnog and watch the traffic roll in, right? Wrong. The holidays are the perfect time to analyze your shoppers' movements and learn how to optimize for better user experiences in 2015.

Akamai

Akamai

November 20, 2014 9:50 AM

Internet Application Delivery Challenges for Enterpr ...

Here at Akamai it's no surprise that we believe in the transformative power of the Internet. Since its early days, smart companies have taken advantage of this power (often with our help!) to enable users with the freedom to shop, stream media, and connect remotely - but many of these same companies still need to learn how to use the Internet to deliver business-critical applications.

Bill Brenner

Bill Brenner

November 20, 2014 6:00 AM

Yummba Webinject Tools Used for Banking Fraud

Attackers are using Yummba webinject tools to target banks and other enterprises, Akamai's Prolexic Security Engineering & Response Team (PLXsert) warned in an advisory this morning. Download the advisory from our State of the Internet site Zeus crimeware has a history of being used to build botnets, steal banking credentials and launch DDoS attacks -- targeting platform-as-a-service (PaaS) and software-as-a-service (SaaS) infrastructures. The added capabilities of Yummba custom webinjects make

Bill Brenner

Bill Brenner

November 19, 2014 8:27 AM

Demo Illustrates the Powerful Simplicity of "Let's E ...

Yesterday, I told you about "Let's Encrypt" -- the new, free Certificate Authority (CA) launched by the Internet Security Research Group (ISRG) with help from Akamai and other companies. To recap, this is another big step in the industry-wide transition from cleartext HTTP to secured HTTPS over TLS. It will allow organizations to obtain basic server certificates for their domains through a simple one-click process.For a look at how simple

Akamai

Akamai

November 18, 2014 2:00 PM

Did you prepare for the onslaught of traffic this ho ...

The holiday shopping season is quickly approaching, which means that retailers will start seeing an uptick in traffic to their websites. While traffic increases certainly have the potential to positively impact the bottom line, surges in activity can also result in downtime, if you don't prepare. Why is this a problem? Even a minute of downtime can cost thousands - or hundreds of thousands - of dollars and can damage

Bill Brenner

Bill Brenner

November 18, 2014 10:05 AM

"Let's Encrypt" = Secure HTTPS Over TLS

The industry-wide transition from cleartext HTTP to secured HTTPS over TLS moves another step forward this week, with the Internet Security Research Group (ISRG) announcing the launch of a new Certificate Authority (CA) service called "Let's Encrypt." Akamai, Mozilla, Cisco, the Electronic Frontier Foundation, IdenTrust and researchers at the University of Michigan are working through ISRG to deliver the infrastructure in mid-2015.

Bill Brenner

Bill Brenner

November 17, 2014 6:41 AM

Voting Season for (ISC)2 Members

Many readers of this blog are CISSPs and members of (ISC)2 -- the organization that administers and maintains the certification. This is the time of year when they have a chance to vote for the Board of Directors and have a say in how (ISC)2 conducts itself.Akamai Security Advocate Dave Lewis is finishing his second year as a member of the current board. He's not up for re-election until next

Miguel Serrano

Miguel Serrano

November 13, 2014 3:30 PM

The Responsive Web Design journey: the crossroad bet ...

I like the way Guy Pojdarny said it: "Mobile took the web by surprise". It can't be more true. Nowadays we face the burst of mobile devices accessing to our sites and applications. They are not a minority anymore. And we have to make sure we satisfy them all, as they are all potential buyers, customers, viewers, ad consumers or users of our sites and applications. In other words,

Bill Brenner

Bill Brenner

November 13, 2014 7:31 AM

Trends in Security for the Commerce and Travel Indus ...

Late last year, Akamai CSIRT Director Michael Smith gave a presentation about security trends affecting eCommerce and the travel industry. Around the same time, I conducted a two-part podcast interview with him on those and other security challenges. I finally got around to watching the video of his presentation, and think the big picture he presented is as true today as it was then. Have a look, and then a

Bill Brenner

Bill Brenner

November 12, 2014 6:37 AM

Microsoft Security Update for November 2014

Microsoft released its November 2014 Security Update Tuesday. Windows, Office, Server Software and the .NET Framework are among the items affected.More Akamai perspective on patching and vulnerability management: Akamai University: Vulnerability Management vs. Pen TestingTen Years After the Blaster WormBug Bounty Programs: A Turning Point for Microsoft

Bill Brenner

Bill Brenner

November 11, 2014 5:36 AM

Attackers Use DNS Flooder Tool to Amplify DDoS Impac ...

Akamai's Prolexic Security Engineering and Research Team (PLXsert) issued an advisory this morning warning of a new technique bad actors are using to launch DNS amplification attacks. Amplification attacks generate large response packets with relatively small requests. Attackers create large DNS TXT (text) records to increase amplification, magnifying the impact of a DDoS attack. Several campaigns observed since Oct. 4, 2014 contain fragments of text taken from press releases issued by

Akamai

Akamai

November 10, 2014 10:00 AM

The Performance Challenges of WAN Architecture

How many websites have you accessed today, and from how many devices? Were you satisfied with the speed of your service and the experience of connecting? Did it enable you to keep moving at the pace you need?

Bill Brenner

Bill Brenner

November 10, 2014 6:11 AM

5 Security Tips For Online Holiday Shopping

In the run-up to Cyber Monday, we're looking at different online shopping trends and how Akamai plays a critical role in keeping things running. As part of that, we'll be focusing on typical security threats to be aware of this time of year and beyond.Let's begin with some wise advice from my colleague, Akamai Security Advocate Dave Lewis. He originally came up with these last year, but it bears repeating

Rajiv Aaron Manglani

Rajiv Aaron Manglani

November 7, 2014 12:00 PM

Introducing SHA-2 Certificates and Forward Secrecy

In order to provide a higher level of transport-layer security, Akamai will soon be introducing two notable changes to SSL/TLS support on our secure platform. These new features will upgrade your sites' SSL/TLS configuration to be consistent with new industry standards around encryption and certificates.

Akamai

Akamai

November 7, 2014 8:00 AM

How important is it to have a secure and reliable we ...

Businesses need to protect themselves from all of these types of attacks. By identifying the threats they find most damaging, businesses can tailor their security solutions to provide the best security for their critical applications. Presented by Edward S. Ferrara, Vice President & Principal Analyst, Forrester. Learn more at www.akamai.com/webdefense 

Akamai

Akamai

November 6, 2014 4:18 PM

Preparing for the Holidays: What You Should Do

At this point in our Preparing for Holiday series, we've covered trends in mobile and security. And while knowledge is certainly important, what's more important is acting on that knowledge. Hopefully you've taken some time to examine how these trends apply to your eCommerce business and have put together an action plan as a result. If you're not entirely sure of the best approach to take, here are three tips

Bill Brenner

Bill Brenner

November 5, 2014 6:03 AM

Edge 2014 Video: Million Browser Botnet Live Demonst ...

Akamai CSIRT Director Michael Smith and WhiteHat Security Threat Research Center Senior Manager Matt Johansen gave a demonstration of how the Million Browser Botnet operates, during last month's Edge conference. Below is the full presentation. Talk description: Online advertising networks can be a web hacker's best friend. For mere pennies per thousand browser impressions, service providers allow you to broadly distribute arbitrary JavaScript. Most advertisers use this feature to show

Bill Brenner

Bill Brenner

November 4, 2014 5:06 AM

Akamai Edge 2014: Responding to Heartbleed and Shell ...

In April, Akamai determined its network was vulnerable to the Heartbleed bug. In late September, the company determined it was vulnerable to the Shellshock bug. In this case study, Akamai Chief Security Architect Brian Sniffen walks through Akamai's response to both and provides insights into the lessons learned for improved security and incident response.

Akamai

Akamai

November 3, 2014 11:04 AM

Globalization and Consumerization: The New Challenge ...

Headquarters in America. Branches in Europe. Offices in India. Suppliers in Taiwan. Employees at home, on the road, and everywhere in between: All of whom need to connect to business-critical applications and who expect to be able to do so from whatever device is at hand.

Bill Brenner

Bill Brenner

November 3, 2014 6:16 AM

Akamai Edge 2014: Evolution of TLS/SSL

Akamai Chief Security Architect Brian Sniffen reviews the evolution of TLS/SSL during a presentation at Akamai Edge 2014. Following the Heartbleed vulnerability, attention turned to TLS, the fundamental building block of Internet encryption and authentication. Sniffen reviewed the evolving TLS standard, including new ciphers, authentication mechanisms and asymmetric key changes.