Akamai Diversity
Home > Web Security

Recently in Web Security Category

The Holiday Readiness Countdown

It's never too early to prepare when you're a retailer gearing up for the holiday rush, especially with the continued growth in online commerce. Now is usually the time that shoppers begin making their shopping plans, and even start to make purchases. To help prepare, we've pulled together three essential elements for providing an exceptional customer experience during the holidays, and ultimately converting shoppers into buyers! 

The Torte Botnet: A SpamBot Investigation

By Bill Brenner, Akamai SIRT Senior Tech Writer   

Akamai released a new whitepaper today about a spambot investigation conducted by Chad Seaman, a Senior Security Response Engineer from Akamai's Security Intelligence Research Team (SIRT).

Attackers are using a multi-layered, decentralized and widely distributed botnet to launch coordinated brute-force spamming campaigns. Chad named it the "Torte" botnet because its structure resembles a multi-layered cake.

The botnet is fairly large and uses both elf binary and php based infections. The portions that could be mapped account for over 83,000 unique infections across 2 of the 4 infection layers. While binary infections only target Linux, other php-based infections were found running on all major server operating systems -- Windows, Linux, os x, Unix, SunOS, and variants of bsd.

The paper examines Akamai's SIRT investigation, findings and recommended defensive measures.

With the holiday season quickly approaching, retailers are thinking through every element of their company's eCommerce plans to significantly boost sales during the busiest shopping time of the year. One of the biggest drivers of online retail sales is user experience, so retailers should place increased emphasis on bolstering the following customer touchpoints during the holiday rush to ensure positive brand interactions that convert browsing into sales:

NetBIOS, RPC Portmap and Sentinel Reflection DDoS Attacks

By Bill Brenner, Akamai SIRT Senior Tech Writer


Akamai's Security Intelligence Response Team (SIRT) released a new advisory today about three new attack vectors digital miscreants have used to target Akamai customers. The main researchers for this advisory were Jose Arteaga and Wilber Mejia.


In the third quarter of 2015, Akamai mitigated and analyzed the following vectors:


  • NetBIOS name server reflection DDoS

  • RPC portmap reflection DDoS

  • Sentinel reflection DDoS, which reflects off of licensing servers.

Cloudpiercer Discovery Tool

Researchers have released details of a tool that allows users to discover origin servers. Researchers call it Cloudpiercer, which uses a number of techniques to locate origin servers' IP addresses.


The Cloudpiercer tool bundles several previously known methods with some stated new ones to simplify the reconnaissance against targets. It's a reconnaissance tool, not an attack tool. A potential attacker may use similar methods to search for a customer's datacenter IP addresses or netblock(s) but will have to use other services or technologies to perform an actual DDoS or web application attack.


Akamai's Security Intelligence Research Team (SIRT) has analyzed the methods used by the tool and offers the following observations.

It seems like holiday promotions have already started for many retailers and the promotion timetables are even earlier than last year. On a recent trip through my local big box retailer I noticed that Christmas decorations are already out, just one aisle down from the Halloween decorations. 

A pharmaceutical company decides to go global for a lot of reasons: Perhaps they want to expand into developing markets that are less saturated. Or they may need to conduct global clinical trials to get broader and more diverse participant base.

Akamai and Quantum Dawn 3 - That's a Wrap!

On September 16, 2015 the Securities Industry and Financial Markets Association (SIFMAconducted Quantum Dawn 3, the third in a series of cyber attack exercises against the capital markets industry.  Over 650 people from more than 80 firms and government agencies participated in the exercise.  And this year, for the first time, Akamai was invited to take part.

XOR DDoS Threat Advisory

By Bill Brenner, Akamai SIRT Senior Tech Writer


Akamai's Security Intelligence Response Team (SIRT) is tracking XOR DDoS, a Trojan malware attackers are using to hijack Linux machines to include within a botnet for distributed denial of service (DDoS) campaigns. To date, the bandwidth of DDoS attacks coming from the XOR DDoS botnet has ranged from a few gigabits per second (Gbps) to 150+ Gbps. The gaming sector is the primary target, followed by educational institutions. Akamai SIRT released a threat advisory this morning authored by Security Response Engineer Tsvetelin "Vincent" Choranov.

Akamai, iOS 9 and App Transport Security (ATS)

For app developers who use or are looking to use Akamai application acceleration services, we've provided the following information to help you understand how our services comply with Apple iOS 9 App Transport Security (ATS) requirements. 

Helpful Links: