Akamai Diversity
Home > Bill Brenner

Recently by Bill Brenner

BSides Boston Keynote Profile: Jack Daniel

An old friend will deliver the first keynote of BSides Boston Friday: Jack Daniel, technical product manager at Tenable Network Security. His talk is called "Doomed to Repeat: InfoSec's Failure to Learn from the Past."


BSides Boston 2014: Full Agenda

Bsides Boston 2014 -- scheduled for Friday and Saturday at the Microsoft New England Research & Development (NERD) Center -- promises to be another enlightening event. Akamai is a gold sponsor, and I'll be there both days. If you're thinking of going, here's the full agenda to consider:

bsidesbos_est1.jpg

Microsoft Releases Emergency IE Fix

Internet Explorer users take note: Microsoft issued an emergency security update yesterday to address a serious, widely-publicized vulnerability. Dustin C. Childs of Microsoft's Security Response Center announced the fix in a blog post yesterday.

Akamai released its Fourth Quarter 2013 State of the Internet Report last week. Security highlights include the following:

  • DDoS traffic increased 23 percent quarter-over-quarter, up by 75 percent from fourth quarter 2012.
  • Enterprise and commerce continued to be the industries targeted most frequently.
  • China remained the top producer of attack traffic, growing to 43 percent of observed attack traffic.
  • The United States also saw significant growth in observed attack traffic, while Indonesia's contribution continued to decline after spiking earlier in the year.
  • Port 445 remained the most targeted port, growing once again and reaching 30 percent of observed attacks. The volume of attacks targeting Port 80 remained steady at 14 percent.

Akamai recently released the Prolexic Q1 2014 Global DDoS Attack Report. What follows are some of the key points, including a 114-percent increase in the average peak bandwidth of attacks.


Two Embarrassing Security Lessons

Good news: I got another look at how well Akamai's security procedures work. 

Bad news: It's because I made two simple mistakes. And I knew better.

Storm Stress Tester Crimeware Kit Targets Windows

The Akamai Prolexic Security Engineering & Response Team (PLXsert) has discovered a new tool attackers could use to target Microsoft Windows. The PLXsert advisory describes it this way:

The Storm kit is capable of infecting Windows XP (and higher) machines for malicious uses, including execution of DDoS attacks. Once a PC is infected, the Storm Network Stress Tester crimeware kit establishes remote administration (RAT) capabilities on the infected machine, enabling file uploads and downloads and the launching of executables, including four DDoS attack vectors.

A single PC infected by the new Storm crimeware kit can generate up to 12 Mbps of DDoS attack traffic with a single attack. As a result, orchestrated botnet attacks pose a significant DDoS threat. In addition, the RAT capability enables a variety of malicious activity, including the infection of other devices.

The RAT capabilities provide criminals with an all-purpose crimeware platform that can be used for a variety of malicious activity, including the infection of other devices, the advisory says.

"Remote administration lets malicious actors take over a PC from a distance, even from another continent," said Stuart Scholly, senior vice president and general manager of Security at Akamai Technologies. "In the last year, we've seen a growing volume of cyber-attacks coming from Asia. The Storm kit seems to have been custom-designed to infect and control vulnerable Windows XP machines in China."

One PC infected by the kit can generate up to 12 Mbps of DDoS attack traffic with a single attack. The kit comes pre-programmed to launch four types of DDoS attacks at once, increasing the potential attack volume.

A free download of the full advisory is available here.

Akamai PLXsert monitors malicious cyber threats globally and analyzes DDoS attacks using proprietary techniques and equipment. Through digital forensics and post‐attack analysis, PLXsert is able to build a global view of DDoS attacks, which is shared with customers and the security community.

By identifying the sources and associated attributes of individual attacks, the PLXsert team helps organizations adopt best practices and make more informed, proactive decisions about DDoS threats.

windowslivewriter9dc595f9764e-d3e9windows-bullet-holes21.jpg

SOURCE Boston: Fighting Security Burnout

If you're attending SOURCE Boston, there's a discussion Thursday at 11 a.m. you should attend. It deals with a subject we've been working hard to address at Akamai: burnout in the security industry, and how we can make things better by tapping into the better angels of our nature.



SOURCE Boston 2014: Need a Job? Stop By Our Table

Attention, SOURCE Boston attendees: If you or anyone you know needs a job, come by our booth. Recruiters are on hand, and they have several positions to fill, including:

  • A program manager for InfoSec;
  • A senior manager for Enterprise Security;
  • A security architect for Adversarial Resilience; and 
  • A principal application software engineer for the Security Products Group.
We're also giving away an iPad at 5 p.m., so come put your business card in the raffle jar. And by all means, come grab some shwag.

10006383_10203740995191803_846107286495733959_n.jpg

SOURCE Boston 2014: Proof Heartbleed is a Big Deal

Akamai CSO Andy Ellis wrote about how we're protecting customers from the much-publicized Heartbleed vulnerability OpenSSL fixed in an update Monday. At SOURCE Boston 2014, there's plenty of personal proof that this bug is a big deal. You could say it ruined the first day of the conference for some.