Akamai Diversity

The Akamai Blog

Akamai

Akamai

August 6, 2018 11:15 AM

Linux Kernel TCP Vulnerability

On the week of July 15th researcher Juha-Matti Tilli disclosed a vulnerability he discovered in the Linux kernel to the kernel maintainers, the National Cyber Security Center - Finland (NCSC-FI), CERT Coordination Center (CERT/CC), and Akamai. The vulnerability, CVE-2018-5390, is a resource exhaustion attack triggered by a specially crafted stream of TCP segments which creates expensive processing within the Linux kernel. In preparation for the public disclosure of the vulnerability,

Vaishali Sangtani

Vaishali Sangtani

July 27, 2018 3:31 AM

Why would customers choose me?

Competitive Differentiation Guide for Financial Services in Digital India We are a young nation 1.3 billion strong, of which just about 500 million are active internet users. Not a small number by any means. We have world's second largest pool of internet users and our online population is larger than the total population of United States of America! However, what we as a nation along with the whole world, really

Akamai InfoSec

Akamai InfoSec

June 14, 2018 7:57 AM

Platypuses and Policies: Akamai's Approach to the GD ...

Written by Meyer Potashman On May 25, 2018, the EU General Data Protection Regulation (GDPR) went into effect. In preparation, Akamai, like every other company that does business with or interacts in any way with individuals in the EU, needed to re-evaluate our approach to data protection and privacy to ensure that we are compliant with the new law. Since GDPR requires that companies evaluate the privacy practices of their

Amanda Fakhreddine

Amanda Fakhreddine

June 12, 2018 8:29 AM

State of the Internet Summer 2018 Attack Spotlight: ...

Earlier this year, Akamai mitigated the largest DDoS attack in its history, fueled by a new reflector, memcached. The attack targeted one of our software clients and broke through the 1 Tbps threshold for the first time. Memcached was developed to act as a distributed memory caching system. Since the protocol uses UDP, an insecure protocol, and carries the potential for tremendous amplification, it has the key traits of a

Akamai

Akamai

May 27, 2018 6:11 AM

Akamai CEO Leighton Calls Cybersecurity 'Fantastic G ...

Akamai CEO and co-founder Tom Leighton discusses the company's cybersecurity and data protection business. He speaks with Caroline Hyde from the Boston Institute of Contemporary Art on Bloomberg Technology. (Source: Bloomberg)

Ryan Barnett

Ryan Barnett

April 13, 2018 7:00 AM

Part 2: The Dark Side of APIs

Ryan Barnett, Principal Security Researcher, Akamai Elad Shuster, Senior Security Researcher, Akamai During its research into Credential Abuse attack campaigns, Akamai's threat research team conducted an analysis of web logins to gain insights into how widespread the adoption of API-based logins is and whether or not this trend also affects attackers and attack campaigns. It will come as no surprise that API-based logins are highly targeted by credential abuse attackers

Ryan Barnett

Ryan Barnett

April 3, 2018 9:00 AM

The Dark Side of APIs: Part 1, API Overview

Ryan Barnett, Principal Security Researcher, Akamai Elad Shuster, Senior Security Researcher, Akamai API Overview Application Programming Interfaces (API) are a software design approach which enables software and system developers to integrate with other systems based on a defined set of communication methods. APIs serve as software building blocks and allow for software reuse - essentially allowing fast development of new systems based on existing capabilities.

Daniel Abeles

Daniel Abeles

March 29, 2018 6:33 AM

What You Need To Know: "SNIPR" Credential Stuffing T ...

Overview Credential abuse (CA) is a trend that is here to stay. It affects almost every one of us. There are attackers trying to break into every online account and the vast majority of these attacks are happening silently in the background. In the past, credential abuse tools were written and distributed in closed forums and among air-gapped societies. Now, they are widely available; there is a highly active market

Shantanu Kedar

Shantanu Kedar

March 7, 2018 8:07 AM

Make way for HTTPS - Starting July 2018, Google Chro ...

Days of clear-text HTTP, the original but insecure foundation for data communication over the web, are numbered. Over the past few years, Google (and others such as the Internet Architecture Board, Mozilla, and Apple) have nudged developers to encrypt and authenticate their websites using HTTPS which layers HTTP over TLS (Transport Layer Security). This includes measures such as ranking HTTP sites lower in Google search results, not supporting powerful features