Get In Touch
In a new bulletin released this morning, Akamai researchers outlined a threat in which malicious actors use vulnerabilities in third-party plug-ins to target the large websites that utilize them. Such exploits require little technical skill and are highly effective. Instead of targeting a high-traffic website directly, attackers simply target the third-party advertising company, content network or provider used by the site. High-profile sites are common targets and their security posture
In the past years we have seen an increase in distributed attacks against web applications. By using many attacking resources to target the same destination, attackers are obscuring their identity while boosting attack bandwidth, placing a greater challenge to defensive forces. Most of the distributed attacks use "volumetric" methods such as Distributed Denial of Service (DDoS) or brute force techniques such as "slow and low" to attack web applications.
In this episode, State of the Internet Security Podcast host Bill Brenner chats with Akamai CSO Andy Ellis about the findings in Akamai's Q1 2015 State of the Internet - Security Report. Specifically, they discuss how: Q1 2015 set a record for the number of DDoS attacks observed across the PLXrouted and proxy mitigation platforms - more than double the number recorded in Q1 2014 - and a jump of
In response to the Logjam vulnerability discussed in this disclosure, Akamai is continuing to analyze its production servers to determine if it supports the relevant Diffie-Hellman ciphers that would leave customers vulnerable to Logjam.We have determined that Akamai hosts on our Free Flow and Secure Content Delivery Networks are not vulnerable. We do recommend customers check their origin. We also recommend that anyone using a web browser, running a server
Today we release the Q1 2015 State of the Internet Security Report. You can grab it here, but we've been previewing it for the last few weeks in the Akamai Blog:Q1 2015 SOTI Security Preview: 7 Attack VectorsIn this final preview before the report's release, we look at the most-used attack vectors for the quarter.Coming Soon: The Q1 2015 State of the Internet Security ReportAmong the Q1 2015 highlights:We saw
The past fortnight has been a hectic period for Akamai's security teams in Australia and New Zealand. We've been approached by a number of financial organisations, and large and medium sized business to help mitigate DDoS threats from DD4BC. If you're not familiar with DD4BC, here is a updated writeup on their extortion attempts by Bill Brenner
We continue to preview sections of the Q1 2015 State of the Internet Security Report (SOTI Security) due out later this month. So far, we've told you about the continuing trend of website defacements and DNS Hijacking, the potential security risks of widespread IPv6 adoption, and the significance of a 100 GBPS attack. We've also given an overview of Q1 DDoS activity.
We continue to preview sections of the Q1 2015 State of the Internet Security Report due out later this month.So far, we've told you about the continuing trend of website defacements and DNS Hijacking, the potential security risks of widespread IPv6 adoption, and the significance of a 100 GBPS attack.Among the Q1 2015 highlights:We saw a record number of DDoS attacks recorded on the Prolexic network - more than double
DD4BC, a malicious group responsible for several Bitcoin extortion campaigns last year, is expanding its extortion and distributed denial of service (DDoS) campaigns. In recent days, Akamai has had to protect a growing number of customers from these attacks. Researchers from Akamai's PLXsert and CSIRT teams continue to research DD4BC's threats and attack activity, and this afternoon released a new bulletin to Akamai customers through the company's Luna portal