Akamai Diversity

The Akamai Blog

Recently by Bill Brenner

Bill Brenner

Bill Brenner

January 5, 2015 6:21 AM

2015 Security Predictions: Sort Of

I've never been a fan of security predictions, though I've written about them too many times to count. I guess that makes me a hypocrite. I could take the high road and tell you my bosses always make me write about it, but why pass the buck? In the world of tech media, we ALL write about predictions. Call it a case of doing one of those tasks you hate

Bill Brenner

Bill Brenner

December 17, 2014 6:30 AM

Xsser mRAT Targets iOS and Android for Man-in-Middle ...

Akamai's Prolexic Security Engineering & Response Team (PLXsert) has issued a new advisory about a Xsser mobile remote access Trojan (mRAT) attackers are using to target iOS and Android devices. The Xsser mRAT is spread through man-in-the-middle and phishing attacks and may involve cellphone tower eavesdropping for location-specific attacks.

Bill Brenner

Bill Brenner

December 17, 2014 6:00 AM

Video: Vulnerability Management vs. Pen Testing

Vulnerability assessment and pen testing both deal with finding and fixing security holes. But they are not the same thing. In this whiteboard presentation, Akamai security researcher Patrick Laverty explains the differences between the two, and how both are critical to the vulnerability management process at Akamai.

Bill Brenner

Bill Brenner

December 16, 2014 3:02 PM

Video: Incident Management at Akamai

At Akamai, incidents happen daily. Despite strong controls, it's inevitable that problems will arise when so much content is being handled, processed and distributed within Akamai and on behalf of customers. To deal with that reality, the company has a set of procedures to manage incidents as they materialize. Most incidents are resolved by small interventions in the network. In this whiteboard presentation, Bill Brenner gives an overview.

Bill Brenner

Bill Brenner

December 16, 2014 3:00 PM

Video: FedRAMP 101

In this whiteboard presentation, Akamai InfoSec Program Manager James Salerno explains what FedRAMP is, why it was created and why it's become an important part of Akamai's security compliance process.

Bill Brenner

Bill Brenner

December 12, 2014 3:52 PM

CSIRT Warns of More Account Checker Fraud

The following was written by CSIRT Manager Mike Kun:While investigating an attack against an Akamai customer, Akamai's CSIRT discovered a server hosting a web-based attack tool -- a variant of the account checker tool first discovered in 2012.

Bill Brenner

Bill Brenner

December 11, 2014 8:56 AM

Microsoft's Final Patch Tally for December 2014

Microsoft released its security bulletin for December 2014 this week, fixing security holes in Windows, Exchange, Office and Internet Explorer. The full patch matrix is below.More Akamai perspective on patching and vulnerability management:Akamai University: Vulnerability Management vs. Pen TestingTen Years After the Blaster WormBug Bounty Programs: A Turning Point for Microsoft

Bill Brenner

Bill Brenner

December 9, 2014 3:40 PM

FAQ: Vulnerability in the TLS 1.x protocol

The following advisory was written by CSIRT Manager Mike Kun:We are aware of a newly-announced vulnerability found by Adam Langley and Brian Smith in some implementations of the TLS 1.x protocol that allows for a man-in-the-middle attack. This can result in insecure compromised transactions over TLS 1.x. For more details, read the original article.

Bill Brenner

Bill Brenner

December 9, 2014 6:00 AM

Security Kahuna Podcast: Data Breach Lessons

In the latest episode of the Security Kahuna Podcast, Dave Lewis, Martin McKeay and I discuss the security breach at Sony, lawsuits between the banks and Target, and much more. Rather than give the latest victims a lashing over mistakes that allowed the breach to happen, we focus on the lessons learned and how companies can better protect themselves going forward.Listen to the full episode