Akamai Diversity

The Akamai Blog

December 2014 Archives

Akamai

Akamai

December 31, 2014 9:27 AM

Top 5 Questions to Ask Yourself after Cyber Monday - ...

In our last blog post, we discussed aesthetics, and online and mobile merchant site responsiveness. Here is the second and final half of our installment: Did the site make as much revenue as it could have?

Akamai

Akamai

December 30, 2014 11:03 AM

The Top 5 Questions to Ask Yourself After Cyber Mond ...

Part 1 of a 2-Part Blog Series The peak holiday online shopping season is in full-force now. Most eCommerce merchants spent months preparing their sites for an onslaught of the web traffic they both hope for - and fear, depending on their role in the organization. If you are in business management (i.e., CIO, CMO or VP of Ecommerce) you'll want to encourage as much traffic as possible to

Akamai

Akamai

December 22, 2014 10:00 AM

The Future of BYOD and Its Impact on Enterprise Appl ...

The genre of Science Fiction and its contributors has given us plenty of glimpses into what the future of mobile devices might look like, from the hand-held communicators of "Star Trek" that inspired the first cellular flip phones to both cinema and comic-inspired wearable devices. However, compared to the smartphones and other devices that are currently on the market, these formerly advanced devices of the past now look and

Akamai

Akamai

December 19, 2014 10:00 AM

Shoppers flock to mobile on Thanksgiving 2014, turn ...

While eCommerce certainly continued to grow year-over-year this holiday season, reports about growth numbers are a mixed bag, depending on who you ask. One thing is for certain, though: Mobile commerce hit its stride this year.

Akamai

Akamai

December 17, 2014 12:00 PM

The Advantages of Enterprise Cloud Applications

Beyond all the hype, industry reorientations and analyst projections, the emergence of cloud computing as a common internal business tool (whether authorized CRM and data management applications or unauthorized note-taking and organizational tools) is an interesting example of companies following where their employees have led.

Bill Brenner

Bill Brenner

December 17, 2014 6:30 AM

Xsser mRAT Targets iOS and Android for Man-in-Middle ...

Akamai's Prolexic Security Engineering & Response Team (PLXsert) has issued a new advisory about a Xsser mobile remote access Trojan (mRAT) attackers are using to target iOS and Android devices. The Xsser mRAT is spread through man-in-the-middle and phishing attacks and may involve cellphone tower eavesdropping for location-specific attacks.

Bill Brenner

Bill Brenner

December 17, 2014 6:00 AM

Video: Vulnerability Management vs. Pen Testing

Vulnerability assessment and pen testing both deal with finding and fixing security holes. But they are not the same thing. In this whiteboard presentation, Akamai security researcher Patrick Laverty explains the differences between the two, and how both are critical to the vulnerability management process at Akamai.

Bill Brenner

Bill Brenner

December 16, 2014 3:02 PM

Video: Incident Management at Akamai

At Akamai, incidents happen daily. Despite strong controls, it's inevitable that problems will arise when so much content is being handled, processed and distributed within Akamai and on behalf of customers. To deal with that reality, the company has a set of procedures to manage incidents as they materialize. Most incidents are resolved by small interventions in the network. In this whiteboard presentation, Bill Brenner gives an overview.

Bill Brenner

Bill Brenner

December 16, 2014 3:00 PM

Video: FedRAMP 101

In this whiteboard presentation, Akamai InfoSec Program Manager James Salerno explains what FedRAMP is, why it was created and why it's become an important part of Akamai's security compliance process.

Lorenz Jakober

Lorenz Jakober

December 16, 2014 11:00 AM

Video & Software Updates Don't Need To Overwhelm You ...

Video growth is overwhelming the enterprise network. We have all been there. At work trying to watch the live company all-hands video, or the latest training, or perhaps even the latest YouTube video. But all we end up with are pixelated videos that take forever to start and constantly re-buffer. The workplace video experience can be abysmal if the WAN is not ready. Most of us will avoid a painful

Bill Brenner

Bill Brenner

December 12, 2014 3:52 PM

CSIRT Warns of More Account Checker Fraud

The following was written by CSIRT Manager Mike Kun:While investigating an attack against an Akamai customer, Akamai's CSIRT discovered a server hosting a web-based attack tool -- a variant of the account checker tool first discovered in 2012.

Pierre Lermant

Pierre Lermant

December 11, 2014 11:00 AM

Dynamic Content: A Short TTL as an Alternative to Pu ...

Purging URLs at the Edge when its underlying content changes at the origin infrastructure may seem to be the best way to manage a website dynamic content. Or is it? In this post, we'll explore the pros and cons of purging, and offer an alternative when appropriate.

Bill Brenner

Bill Brenner

December 11, 2014 8:56 AM

Microsoft's Final Patch Tally for December 2014

Microsoft released its security bulletin for December 2014 this week, fixing security holes in Windows, Exchange, Office and Internet Explorer. The full patch matrix is below.More Akamai perspective on patching and vulnerability management:Akamai University: Vulnerability Management vs. Pen TestingTen Years After the Blaster WormBug Bounty Programs: A Turning Point for Microsoft

Bill Brenner

Bill Brenner

December 9, 2014 3:40 PM

FAQ: Vulnerability in the TLS 1.x protocol

The following advisory was written by CSIRT Manager Mike Kun:We are aware of a newly-announced vulnerability found by Adam Langley and Brian Smith in some implementations of the TLS 1.x protocol that allows for a man-in-the-middle attack. This can result in insecure compromised transactions over TLS 1.x. For more details, read the original article.

Akamai

Akamai

December 9, 2014 12:00 PM

Akamai joins Cloud Foundry to support open cloud eco ...

As enterprises further embrace cloud environments for both business and mission critical applications, it is important to have easier ways to connect with other cloud based services. Akamai recognizes this need and this is why we are excited to announce our participation as a Silver sponsor of the Cloud Foundry Foundation. Cloud Foundry is an open source Platform as a Service (PaaS) that provides capabilities to distribute applications to one

Bill Brenner

Bill Brenner

December 9, 2014 6:00 AM

Security Kahuna Podcast: Data Breach Lessons

In the latest episode of the Security Kahuna Podcast, Dave Lewis, Martin McKeay and I discuss the security breach at Sony, lawsuits between the banks and Target, and much more. Rather than give the latest victims a lashing over mistakes that allowed the breach to happen, we focus on the lessons learned and how companies can better protect themselves going forward.Listen to the full episode

Bill Brenner

Bill Brenner

December 8, 2014 7:25 AM

Microsoft's December 2014 Security Bulletin

Microsoft has released a preview of the security bulletin it plans to release Tuesday, Dec. 9, 2014. If the plan holds, the software giant will release seven bulletins -- three of them for critical vulnerabilities in Windows, Office and Internet Explorer. The full preview is below.More Akamai perspective on patching and vulnerability management:Akamai University: Vulnerability Management vs. Pen TestingTen Years After the Blaster WormBug Bounty Programs: A Turning Point for

Akamai

Akamai

December 5, 2014 1:19 PM

Want your App Delivery to Kick SaaS? Avoiding the Ch ...

1st of a 2-part blog post SaaS is growing like crazy. We have all observed the fact that the SaaS market has experienced tremendous growth over the course of the past few years, and that rapid growth is forecasted to continue for the next several years.

Akamai

Akamai

December 4, 2014 1:54 PM

Analysis of Black Friday Data Reveals Shift in Attac ...

Because Akamai is trusted by thousands of online retailers, and in fact all of the 20 top global eCommerce sites, we see and analyze enormous amounts of attack data during events such as Black Friday. This year we tracked requests coming into dozens of online retailers over 24 hour periods for each of the 5 Fridays leading up to Black Friday. During that period we analyzed 4.2 billion HTTP

Bill Brenner

Bill Brenner

December 3, 2014 3:54 PM

My Turn on the "Security Influencer" Podcast

I recently sat down for a discussion with Contrast Security CTO Jeff Williams, host of the Security Influencer Podcast. We covered a lot of ground, including the most recent data breaches making news and the recent uptick in attacks against third-party web services.Access the podcast and interview transcript here

Akamai

Akamai

December 2, 2014 12:21 PM

#GivingTuesday

We are committed to investing in the education of our future innovators. In the spirit of the holiday season, we are proud to contribute to: Code.Org Room To Read Plan International With a charitable donation in our customers' names!

Bill Brenner

Bill Brenner

December 2, 2014 8:00 AM

DD4BC: PLXsert warns of Bitcoin extortion attempts

A Bitcoin extortion campaign is underway, launched by a group of bad actors calling themselves DD4BC. The group repeatedly tried to blackmail Bitcoin exchanges and gaming sites -- threatening victims with DDoS attacks in order to extort bitcoins. Akamai's Prolexic Security Engineering and Response Team (PLXsert) reports the following:

Bill Brenner

Bill Brenner

December 1, 2014 4:23 PM

Boston OWASP meeting Dec. 3 at Akamai Headquarters

The Boston chapter of OWASP (Open Web Application Security Project) will have its next meeting at Akamai headquarters the evening of Wednesday, Dec. 3. Details are available on the OWASP Boston website, but here's a summary of the agenda:

Bill Brenner

Bill Brenner

December 1, 2014 2:33 PM

Fresh Wave of DNS Record Hijacking Attacks Reported

Akamai has observed a fresh wave of DNS poisoning attacks, where web sites are hijacked and placed under the control of malicious actors. It's a tactic Akamai has seen before, and there are ways for companies to defend themselves.Anatomy of attacks The Domain Name System (DNS) converts the text of a domain name (ie. akamai.com) to the server's IP address. Using DNS hijacking, a malicious user is able to update