Akamai Diversity
Home > October 2017

October 2017 Archives


Since 2005, when Gartner coined the term, SIEM (Security Information and Event Management) solutions have grown in importance for the security industry.

SIEM solutions provide a centralized view to easily access and analyze security information from multiple sources, and then prioritize mitigation efforts based on risk profiles. SIEM also helps organizations meet their security log analysis and incident/event reporting requirements.

What You Need To Know About The "ROCA" vulnerability

By Daniel Franke, Infosec Researcher

Akamai is aware of the recently-disclosed "ROCA" vulnerability in cryptographic firmware used in products made by Infineon Technologies. A bug in the firmware's prime-search algorithm used for RSA key generation results in RSA keys that are relatively cheap and inexpensive to factor. The bug impacts Infineon Trusted Platform Modules (TPMs) as well as many smartcards and Hardware Security Modules (HSMs) that use Infineon chips but do not carry Infineon branding, notably including the popular YubiKey 4. In some cases, it may be possible to patch affected devices with an OEM-supplied firmware update. In other cases, the hardware must be replaced.


"Offering rich, interactive images has emerged as a critical component to any website or web app visitor engagement strategy -- and with good reason," wrote Parag Pathak, our Senior Product Marketing Manager, in his recent published article - Let's get visual: best practices for digital image management - in EContent Magazine.

I can Haz TLS 1.3 ?

Everybody wants to be able to use TLS 1.3. Among the reasons are:

Fast Flux Botnet: Research Results

Just like that, another Akamai Edge has come and gone. If you were able to join us this year, I hope you had a chance to stop by my presentation on Threat Intelligence Insights: An In-Depth Analysis of a Fast Flux Botnet.

It's no secret that businesses are rapidly adopting Cloud Service Providers such as Amazon Web Services, Microsoft Azure or Google Cloud Platform for cost efficiency, agility, scalability and global distribution to serve their customers more easily. A recent IDG survey indicates that 70% of businesses have at least 1 application in the cloud and 16% plan to take their first app to the cloud in the next 12 months.

KRACK Vulnerability in WiFi WPA2

Akamai is aware of a family of vulnerabilities known as the Key Reinstallation Attack or KRACK.  These vulnerabilities abuse implementation flaws found in all modern wireless networks using WPA2. The KRACK attack is effective at the protocol level and therefore affects all systems using current WiFi encryption, including iOS, Linux, Windows and Android.  The vulnerabilities allow the attacker to reinstall a previously used cryptographic key. This would allow for the decryption, injection, or forging of traffic on the affected network, depending on which vulnerability is used.

Service providers looking to enhance and secure the online experience for their residential and business subscribers often struggle to find solutions that are easy for their customers to configure and use - particularly when it comes to setting policies that carry across fixed, mobile and converged networks. This type of simple, seamless management is actually a key distinguishing feature of Nominum, now part of Akamai, solutions. And not just from a "here's what our products can do" perspective, but from a "here's how easily your customers can do this" perspective.

Akamai's Leading Role in the DNS Renaissance

In case you haven't been paying attention, an unlikely technology, the Internet's Domain Name System, or DNS, is experiencing a renaissance. For much of its existence, DNS has maintained a simple and singular function - to resolve Internet names to IP addresses. Over the past several years, however, DNS, or more specifically, the recursive DNS (rDNS) resolver, has assumed a number of new roles, made possible by the fact that it's used by almost every Internet-connected device. rDNS is now a services platform. It's a security agent. It's a tool for optimizing delivery of Internet content and offloading traffic from ISP backbone networks. In short, the people who best understand rDNS have not only figured out new ways to use it, they've figured out ways to monetize it.

Data Breaches and Credential Stuffing: Don't Get TKOd

It has been a very rough month for the information security community.  It feels like we've been on the losing end of a championship fight against Floyd Mayweather.