Akamai Diversity

The Akamai Blog

August 2018 Archives

Paul Calvano

Paul Calvano

August 29, 2018 8:36 AM

On Becoming a Contributor to the HTTP Archive

The HTTP Archive is an open source project that tracks how the web is built. Twice a month it crawls 1.3 million web pages on desktop and emulated mobile devices, and collects technical information about each of the web pages. That information is then aggregated and made available in curated reports. The raw data is also made available via Google BigQuery, which makes answering interesting questions about the web accessible

Larry Cashdollar

Larry Cashdollar

August 23, 2018 11:30 AM

Apache Struts Vulnerability CVE-2018-11776

On Wednesday, August 22nd, the Apache team patched another vulnerability in the Apache Struts2 framework. Apache Struts is an open-source web application framework for developing Java web applications. The vulnerability exists when these conditions are met: The alwaysSelectFullNamespace flag setting is set to true in the Struts configuration. The Struts configuration file contains an <action ...> tag that does not specify either the optional namespace attribute or a wildcard namespace.

Jim Black

Jim Black

August 22, 2018 11:55 AM

How's that Security Back Door Doing? (Part 2)

In the first part of this blog post I wrote about how recursive DNS (rDNS) is an attack surface that many enterprises don't currently protect. Bad actors are exploiting that fact and developing advanced targeted threats that use DNS to bypass conventional security tools such as firewalls, secure web gateways and endpoint antivirus.

Nicholas Hawkins

Nicholas Hawkins

August 21, 2018 10:12 AM

How to evolve your enterprise network security to a ...

In the land behind the firewall, build a fortress in the cloud.

John Neystadt

John Neystadt

August 20, 2018 2:47 PM

Dispelling the Myths Surrounding Security Technology ...

Many of our customers conducting business in Europe are concerned about how the new General Data Protection Regulation ("GDPR") impacts the ability to protect their organization's data, network and IT system resources. In particular, many worry that the requirements of GDPR will restrict their abilities to decrypt, analyze or log networking traffic for security purposes. However, enterprises needn't worry, as GDPR actually does permit these types of security controls.

Akamai InfoSec

Akamai InfoSec

August 20, 2018 11:23 AM

On Cache Poisoning

In March 2017, Akamai released a post, "On Web Cache Deception Attacks". A presentation at the Black Hat conference by James Kettle from Port Swigger on web cache poisoning has recently raised awareness of cache poisoning. This is a class of vulnerability with a long history. Cache poisoning can be defended against by properly configuring caching controls on both customer sites and the Akamai platform. Customers should consult with their

Akamai

Akamai

August 15, 2018 1:00 PM

Linux Kernel IP Vulnerability 2

On the week of July 15th, researcher Juha-Matti Tilli disclosed a vulnerability in the Linux kernel to the kernel maintainers, the National Cyber Security Center - Finland (NCSC-FI), CERT Coordination Center (CERT/CC), and Akamai. The vulnerability, CVE-2018-5391, is a resource exhaustion attack triggered by a specially crafted stream of IP datagrams that cause expensive processing within the Linux kernel. This vulnerability is similar to the Linux TCP vulnerability announced August,

Akamai

Akamai

August 6, 2018 11:15 AM

Linux Kernel TCP Vulnerability

On the week of July 15th researcher Juha-Matti Tilli disclosed a vulnerability he discovered in the Linux kernel to the kernel maintainers, the National Cyber Security Center - Finland (NCSC-FI), CERT Coordination Center (CERT/CC), and Akamai. The vulnerability, CVE-2018-5390, is a resource exhaustion attack triggered by a specially crafted stream of TCP segments which creates expensive processing within the Linux kernel. In preparation for the public disclosure of the vulnerability,

Tommy Cormier

Tommy Cormier

August 3, 2018 7:44 AM

Threat Identity...The First Line of Defense

Last quarter, we discussed zero trust and identity in regard to remote application access. This focus was primarily looking at enterprise users seeking to gain access to applications on a network where there are no boundaries: The internet. In the concept of zero trust, the internet is considered hostile and users are accessing resources from multiple devices and from many different locations. With this in mind, it is critical for