The Akamai Blog Subscribe
Talk on CDN vulnerability at Black Hat USA 2015
Akamai is aware of a talk scheduled for Black Hat USA 2015 this week that will discuss some potential issues with platforms like ours. Mike Brooks and Matthew Bryant, security analysts at Bishop Fox, will give the following talk on Aug. 6: BYPASS SURGERY ABUSING CONTENT DELIVERY NETWORKS WITH SERVER-SIDE-REQUEST FORGERY (SSRF) FLASH AND DNS
BIND DoS Vulnerability (CVE-2015-5477)
Akamai is aware of a recently disclosed critical vulnerability in BIND (CVE-2015-5477) that can be exploited to cause a denial of service. How does the attack work? An attacker can cause BIND to exit by using a constructed packet to trigger a REQUIRE assertion via defective handling of a TKEY query. How is Akamai affected? Akamai's Fast DNS / EDNS authoritative name servers do not run BIND and as
OurMine Team Attack Exceeded 117 Gbps
A new hacking group has landed on the Akamai's PLXsert and CSIRT radar for taking responsibility for launching DDoS attacks against several of our customers in the financial services sector.The entity calls itself the "OurMine Team" and if it is to be believed, it has gained access to one customer's $500,000 account. The group has announced it will give that money to the poor.
How to Tell a Landscaper From a Thief
If I can see a person standing in front of a neighboring house inspecting the windows and the doors, should I call the police? Maybe it is the air-condition technician looking for the best place to install a new air-condition unit, or maybe it is a robber doing reconnaissance and checking what is the easiest way to get into the house. It is hard to tell! Now what if
Threat Watch: Bad Actors and Attack Techniques, Part ...
A roundup of attack activity, vectors and those responsible, based on PLXSert/CSIRT advisories issued in recent weeks: DD4BC: Operation Update and FAQ DD4BC, the malicious group responsible for several Bitcoin extortion campaigns last year, continues to expand attacks against Akamai customers. Researchers from Akamai's PLXsert and CSIRT teams continue to investigate attack activity related to the group. RIPv1 Reflection DDoS Making a Comeback Akamai's Prolexic Security Engineering & Research Team
DD4BC: Operation Update and FAQ
DD4BC, the malicious group responsible for several Bitcoin extortion campaigns last year, continues to expand attacks against Akamai customers. Researchers from Akamai's PLXsert and CSIRT teams continue to investigate attack activity related to the group. In recent weeks, the frequency of customers receiving ransom emails from this band of chaotic actors has steadily grown. DD4BC continues to inform victims that they will launch a DDoS attack of 400-500 Gbps
Time-to-Mitigate SLAs and the Irony of Being a Marke ...
As a professional marketer, it can be a little ironic how often you're frustrated when people you care about are influenced by marketing in ways that can't possibly be good for them. Everybody knows that marketers do nothing but lie all day - or "spin" as they call it. And as far as the profession goes, there's probably some truth to that. But there are plenty of marketers out
OpenSSL Vulnerability (CVE-2015-1793)
Akamai is aware of the OpenSSL vulnerability addressed in OpenSSL versions 1.0.2d and 1.0.1p on Thursday, July 9, 2015. Akamai does not use the vulnerable versions of OpenSSL and is therefore not affected. The OpenSSL team advisory outlines the vulnerability and fixes. The advisory states:During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such
RIPv1 Reflection DDoS Making a Comeback
Akamai's Prolexic Security Engineering & Research Team (PLXsert) has been monitoring an uptick in a form of DDoS reflection thought to be mostly abandoned. This attack vector, which involves the use of an outdated routing protocol in RIPv1, began showing up in active campaigns again on May 16th after being dormant for more than a year. The latest attacks observed, as described later, are apparently making use of only a