Akamai Diversity

The Akamai Blog

October 2016 Archives

Rich Bolstridge

Rich Bolstridge

October 31, 2016 9:34 AM

Dyn DDoS Attack: Wide-Spread Impact Across the Finan ...

The recent DDoS attack against the Dyn DNS service resulted in major impact across the financial services industry, and provides us an example to better understand the technology risks and the lessons learned from this attack. In the first of this two part blog, we will examine the impact that the attack had on banks, insurance companies, and other firms in the industry. In Part 2, we'll dig into some

Larry Cashdollar

Larry Cashdollar

October 27, 2016 9:29 AM

Multiple SQL Injections in Three Joomla Extensions b ...

Earlier this month, I found myself thinking about some vulnerabilities I discovered with my intern, Elitza Neytcheva, while demonstrating vulnerability research. I realized I only gave the code a nominal review, only partially analyzing and tracing the execution paths to exploit the XSS and SQL injection that Elitza and I initially found. We looked at about 5% of the overall extensions code. I figured it could use a second deeper

Erik Nygren

Erik Nygren

October 24, 2016 1:13 PM

IPv6 at Edge 2016

With the Internet transition from IPv4 to IPv6 now in full-gear, the topic of IPv6 was raised in number of forums at the Akamai Edge conference this week. In a keynote on Wednesday morning, Ash Kulkarni mentioned how enabling delivery of sites and content over IPv6 by default is one of the ways that Ion 3 helps accelerate mobile performance, aiming to improve the user experience and resulting business metrics.

Craig Sprosts

Craig Sprosts

October 24, 2016 11:57 AM

What CSPs Can Learn from the Latest DDoS Attacks

On Friday, October 21, 2016, there was a major distributed denial of service (DDoS) attack that took down major U.S. company websites, including Twitter, Paypal, The New York Times, Box, Netflix and more. The attack targeted managed DNS provider Dyn Inc., which hosts the authoritative DNS for these popular domains. The attack originated from a large number of compromised IoT devices, including internet-connected cameras, routers and digital video recorders.

Chris Nicholson

Chris Nicholson

October 20, 2016 12:36 PM

Elections and Events: Expect the Unexpected

Much like most everything else about this year's Presidential election, live video streaming traffic for last night's final debate didn't fit the norm. Whereas viewing numbers typically decline for each consecutive debate, aggregate video traffic for Akamai broadcasters streaming the third matchup between the two candidates was actually slightly higher than the second, peaking at 3.8 Tbps yesterday compared to the 3.6 Tbps peak we observed during the October 9th

Or Katz

Or Katz

October 18, 2016 5:56 PM

Keeping an Eye on Credential Abuse Attacks

Akamai Edge conference is here and I'm really excited to share some of my insights and thoughts about credential abuse attacks in my session "Akamai Threat Research into Credentials Abuse". Credential abuse attacks become a common disturbing threat in recent years, a successful credential abuse attack campaign can result with a potential damage that include losing access and control over the accounts, data breach and even fraudulent transactions.

Meg Grady-Troia

Meg Grady-Troia

October 18, 2016 11:09 AM

Akamai Undergoes SOC 2 Assessment: Adding a Service ...

Akamai completed its first assessment against the SOC 2 standard this summer, and has released its first report on compliance under NDA. What is the SOC 2? The SOC (Service Organization Controls) 2 is a security standard aimed at Service Organizations. The SOC 2 is developed and maintained by the AICPA (American Institute of CPAs),which breaks goals for secure operations into 5 different categories called trust principles. The trust principles

Miguel Serrano

Miguel Serrano

October 13, 2016 10:49 AM

Who is cyber-attacking my country?

You. And if not you, surely some of your fellow compatriots are. With a notable exception, but I'll come to this later in the article. For forensic purposes, determining the origin country IPs involved in DDoS attacks ­-called 'zombies'- helps to determine who and where the victim is, but tells nothing about the location where the actual attacker sits, since those zombies, usually well distributed geographically speaking, have been infected

Eric Kobrin

Eric Kobrin

October 12, 2016 10:05 AM

When Things Attack

Researchers at Akamai have been monitoring the growth of attacks leveraging Internet of Things (IoT) devices. These attacks are coming from compromised devices of various sorts. Akamai works hard to protect our customers and users from these attacks. With other, non-IoT types of devices (including general purpose computers), owners can patch or reconfigure their systems to close vulnerabilities. In the Internet of Things, device owners are often at the mercy

Yohai Einav

Yohai Einav

October 11, 2016 3:45 PM

Examining the Long-Tail of DNS Queries: A Hotbed of ...

Data scientists put in a tireless amount of work tracking cybercriminals--from specific individuals to entire organizations--looking at their behavior and the methods through which they attempt to compromise data. Because DNS is a ubiquitous protocol that's used for most internet interactions, it also provides fertile ground for cybercriminals to launch malware. Nominum, now part of Akamai, Data Science examines massive volumes of DNS data--100 billion queries daily--to detect anomalies and

Akamai

Akamai

October 11, 2016 12:12 PM

2 Ways an Entire Country Can Lose Access to the Inte ...

For citizens of the most advanced economies, it is hard to conceptualize what being entirely cut off from the Internet would look like, let alone how it could actually happen. Is it as simple as flipping a kill switch or pressing an 'Off' button? Though unlikely in countries like the United States that have numerous independently operated providers and redundant Internet infrastructure, total shutdowns are still possible in geographies where

Shane Keats

Shane Keats

October 10, 2016 2:48 PM

A bit of political controversy, and a lot of streami ...

This morning, the pundits are busy debating whether last night's "Town Hall" will move the needle on the election, but one thing is certain: here in the US, it certainly moved a lot of bits. We delivered a peak of 3.6 Tbps across the ten broadcasters we worked with for the second Trump-Clinton match-up. Compare that to the 3.5 Tbps we peaked at during the Sochi games just two years

Jim Geronaitis

Jim Geronaitis

October 6, 2016 12:56 PM

Analyst Edge Presentation: Robert Mahowald, IDC - Cl ...

One of the sessions at the upcoming Akamai Edge Conference 2016 will be 'Exploring User Expectations for Business Critical SaaS Applications'. This session will be hosted by Robert Mahowald; Group Vice President at IDC who leads IDC's worldwide application and cloud services practices. Robert will share findings key insights from the recent Akamai sponsored IDC 2016 SaaS User Requirements survey. We caught up with Robert recently to learn more about

Akamai

Akamai

October 5, 2016 3:39 PM

620+ Gbps Attack - Post Mortem

On Tuesday, September 20, Akamai successfully defended against a DDoS attack exceeding 620 Gbps, nearly double that of the previous peak attack on our platform. That attack and the recent release of the Mirai source code have generated a lot of interest in, and speculation about, the role of IoT devices in DDoS attacks. For several months, Akamai researchers have been looking into the code that is now known as

Lorenz Jakober

Lorenz Jakober

October 4, 2016 9:25 AM

Akamai acquires enterprise secure access innovator S ...

Providing employees with secure access to enterprise applications deployed behind the firewall is a core requirement for all businesses. Increasingly, businesses must also deal with delivering third-party access to critical applications whether hosted in the public cloud or a private data center.