Akamai Diversity

The Akamai Blog

Miguel Serrano

Miguel Serrano

October 13, 2016 10:49 AM

Who is cyber-attacking my country?

You. And if not you, surely some of your fellow compatriots are. With a notable exception, but I'll come to this later in the article. For forensic purposes, determining the origin country IPs involved in DDoS attacks ­-called 'zombies'- helps to determine who and where the victim is, but tells nothing about the location where the actual attacker sits, since those zombies, usually well distributed geographically speaking, have been infected

Eric Kobrin

Eric Kobrin

October 12, 2016 10:05 AM

When Things Attack

Researchers at Akamai have been monitoring the growth of attacks leveraging Internet of Things (IoT) devices. These attacks are coming from compromised devices of various sorts. Akamai works hard to protect our customers and users from these attacks. With other, non-IoT types of devices (including general purpose computers), owners can patch or reconfigure their systems to close vulnerabilities. In the Internet of Things, device owners are often at the mercy

Akamai

Akamai

October 5, 2016 3:39 PM

620+ Gbps Attack - Post Mortem

On Tuesday, September 20, Akamai successfully defended against a DDoS attack exceeding 620 Gbps, nearly double that of the previous peak attack on our platform. That attack and the recent release of the Mirai source code have generated a lot of interest in, and speculation about, the role of IoT devices in DDoS attacks. For several months, Akamai researchers have been looking into the code that is now known as

Akamai

Akamai

September 22, 2016 3:10 AM

OpenSSL Security Update

On September 22nd, 2016, the OpenSSL project released versions 1.1.0a, 1.0.2i, and 1.0.1u of OpenSSL. This release contains about a dozen security fixes, including one important update that we wanted the Akamai community to be specifically aware of.

Akamai InfoSec

Akamai InfoSec

August 10, 2016 6:50 PM

Vulnerability in the Linux kernel's tcp stack implem ...

Akamai is aware of a vulnerability, announced at the USENIX Security conference on Aug 10, 2016, which describes a vulnerability in the Linux kernel's tcp stack implementation (kernel versions 3.6 to 4.6). At a high-level, a patient adversary can leverage rate-limited challenge ACK's on a non-secure tcp connection to conduct a hijacking attack.

Or Katz

Or Katz

August 8, 2016 1:45 PM

A Year Later, Clearly "Blackhat SEO" is still Workin ...

A year ago Akamai's Threat Research Team exposed a "Blackhat Search Engine Optimization (SEO)" attack campaign. The goal of the campaign was to manipulate search engines rankings and grow visibility for a web site that allows users to share their cheating and infidelity stories.

Akamai

Akamai

July 27, 2016 10:23 AM

American Banker's CyberSec 2016 Conference - That's ...

Last week, American Banker hosted its brand new conference, Cybersec 2016 in Midtown Manhattan. Penny Crosman (@pennycrosman), Editor at Large, American Banker, did a great job as chair of the event and brought together thoughtful presenters and panelists. There were great insights from leaders in the industry from BBVA, Bank of the West, USAA, Mastercard, U.S. Bank, and many others. It was a fantastic day of information sharing - exactly

Akamai SIRT Alerts

Akamai SIRT Alerts

July 22, 2016 10:30 AM

Akamai SIRT details a timeline of DDoS campaigns aga ...

Akamai SIRT has published a new case study detailing a series of DDoS attack campaigns against the MIT (Massachusetts Institute of Technology) network. So far in 2016, MIT has received more than 35 DDoS campaigns against several different targets which have been mitigated by at least one of our cloud solutions. The new case study authored by Wilber Mejia outlining the DDoS campaigns and attack methods utilized can be downloaded

Akamai SIRT Alerts

Akamai SIRT Alerts

July 18, 2016 12:12 PM

Akamai Mitigates httpoxy Vulnerability

Dominic Scheirlinck and the httpoxy disclosure team disclosed a vulnerability on Monday, July 18th that affects many PHP and CGI web-apps. Many origin web applications (particularly PHP and CGI applications) unsafely trust the "HTTP_PROXY" environment variable when generating forward requests. The CGI spec (which PHP also follows) calls for the incoming header to be converted to an environment variable before executing the cgi application. The conversion specifies that "HTTP_" be