Get In Touch
I am scheduled to give a security talk next week at the Gartner Security Summit entitled: Web Application Defender's Field Report. In the talk, I will be covering statistics and technical details of web application attacks from our just released State of the Internet (SOTI) Report for Q1 2016. One of the more interesting details of the report centers around the analysis of massive Account Takeover (ATO) attack campaigns that
Jason Miller, our chief strategist of Commerce, was recently published in Retail TouchPoints magazine. In his article, How to Better Understand the Bot Ecosystem, Jason talks about the different ways to distinguish between good bots and bad bots and how the distinctions change across applications and environments.
By Akamai SIRT Two quarters ago, we introduced Sankey diagrams to the State of the Internet: Security Report. Sankey graphs help visualize energy, material, or cost transfers between processes. The Sankey graph below shows how DDoS reflection attacks have trended during the past five quarters. We tracked ten infrastructure-layer DDoS-reflection vectors. The most used vectors seem to correlate with the number of Internet devices that use these specific service protocols
Akamai SIRT is investigating a new DDoS reflection and amplification method that abuses TFTP. This is yet another UDP-based protocol that has been added to the list of DDoS amplification scripts available for malicious use. A new advisory authored by Jose Arteaga outlining the threat and suggested defenses can be downloaded here.
Recently, Dan Shugrue, one of our product marketing directors at Akamai was published in InfoSecurity magazine. His article, Barbarians at the Gate - Shoring Up Web Application Defenses with Client Reputation takes an incisive look at how client reputation monitoring can help bolster web security efforts. Dan argues that as attacks evolve, companies doing business on the web (and who isn't these days)must evolve their strategies for identifying and defending
I recently started studying for the GMAT and ran into an interesting passage while taking a diagnostic test - a reading comprehension argument by the philosopher John Searle, who was one of the first philosophers to challenge the idea of artificial intelligence. Searle argued that the human brain is not like a computer processor, and that computers are syntactic (rule based), rather than semantic (meaning based) creatures. The diagnostic test
It was March 13th, 2:30 AM at night and the customer called everyone on the Akamai account team announcing they were being attacked. The attacker was locking inventory on their site for hours causing a significant burst in traffic and preventing customers from making transactions. The Akamai Security Operations Center was involved right away and quickly discovered that a bot was behind this attack. This was a "good bot" just
By Bill Brenner, Senior Tech Writer, Akamai SIRT Retail was hit hard in Q1 2016 by malicious actors who targeted the business sector with web application attacks. That is among the findings in the State of the Internet Security Report for the first quarter of the year.
By Mike Kun, Manager, Akamai SIRT Extortion attacks have risen since DD4BC kicked things off last year. DD4BC peaked in July and the Armada Collective took over after that, sending out emails threatening attacks unless the victim(s) made ransom payments in bitcoins. The most recent round involved many ransom demand letters, but, as far as many observers can tell, very little follow through. Now we have Lizard Squad, or at