Akamai's 2nd annual Girls Who Code Summer Immersion program is now underway! Last Monday, we welcomed 20 high school girls to our Cambridge headquarters to begin their intensive seven-week program. The girls will learn coding fundamentals, participate in field trips and workshops, and receive mentoring from Akamai employees.
Recently in News & Announcements Category
Earlier today (Aug 6, 2015) at the Black Hat Security Conference in Las Vegas, Bishop Fox, a security research and penetration testing firm, announced the discovery of a vulnerability that allows an outside actor to conduct a cross-site request forgery (CSRF)/Server-Side Request Forgery (SSRF) attack using a combination of exploits. This vulnerability relied on the Akamai platform in two ways: specially-crafted legacy resource locators (also called v1 ARLs) in combination with specific versions of Flow Player.
Akamai is aware of a talk scheduled for Black Hat USA 2015 this week that will discuss some potential issues with platforms like ours.
Mike Brooks and Matthew Bryant, security analysts at Bishop Fox, will give the following talk on Aug. 6:
Akamai is aware of a recently disclosed critical vulnerability in BIND (CVE-2015-5477) that can be exploited to cause a denial of service.
How does the attack work?
An attacker can cause BIND to exit by using a constructed packet to trigger a REQUIRE assertion via defective handling of a TKEY query.
How is Akamai affected?
Akamai's Fast DNS / EDNS authoritative name servers do not run BIND and as such are not impacted by this CVE.
Further, Akamai continuously evaluates CVEs as they appear, and we continue to evaluate and patch relevant systems as necessary.
What can you do to protect yourself?
If you run BIND anywhere in your environment, upgrade to the patched release most closely related to your current version of BIND. These can be downloaded from http://www.isc.org/downloads.
Gartner states: "By year-end 2020, more than 60% of public Web applications protected by a Web application firewall (WAF) will use WAFs delivered as a cloud service or Internet-hosted virtual appliance -- up from less than 15% today."
DD4BC, the malicious group responsible for several Bitcoin extortion campaigns last year, continues to expand attacks against Akamai customers. Researchers from Akamai's PLXsert and CSIRT teams continue to investigate attack activity related to the group.
In recent weeks, the frequency of customers receiving ransom emails from this band of chaotic actors has steadily grown. DD4BC continues to inform victims that they will launch a DDoS attack of 400-500 Gbps against them. To date, DD4BC attack campaigns mitigated by Akamai have not exceeded 50 Gbps in size. That's up from the high of 15-20 Gbps observed in early May. (A full history of the group's exploits and firepower can be found in this advisory from April.)
Below are the most commonly asked questions we've received from customers, along with some answers.
What is new since the last update?
The group can now attack with up to 50 gigabits per second of firepower. In addition to the DDoS attack itself, they now threaten to expose the targeted organization via social media. The goal is to publicly embarrass the target, harming the company's reputation, and to draw additional attention that lends credibility to the threatened service disruption. Their methodology has also changed: they use multi-vector campaigns more readily and, in some instances, revisit previous targets that experienced some level of impact during the initial event. We have also observed this group incorporating a Layer 7 attack as part of its multi-vector attacks.