Akamai Diversity

The Akamai Blog

Bill Brenner

Bill Brenner

December 9, 2014 6:00 AM

Security Kahuna Podcast: Data Breach Lessons

In the latest episode of the Security Kahuna Podcast, Dave Lewis, Martin McKeay and I discuss the security breach at Sony, lawsuits between the banks and Target, and much more. Rather than give the latest victims a lashing over mistakes that allowed the breach to happen, we focus on the lessons learned and how companies can better protect themselves going forward.Listen to the full episode

Bill Brenner

Bill Brenner

December 8, 2014 7:25 AM

Microsoft's December 2014 Security Bulletin

Microsoft has released a preview of the security bulletin it plans to release Tuesday, Dec. 9, 2014. If the plan holds, the software giant will release seven bulletins -- three of them for critical vulnerabilities in Windows, Office and Internet Explorer. The full preview is below.More Akamai perspective on patching and vulnerability management:Akamai University: Vulnerability Management vs. Pen TestingTen Years After the Blaster WormBug Bounty Programs: A Turning Point for

Akamai

Akamai

December 4, 2014 1:54 PM

Analysis of Black Friday Data Reveals Shift in Attac ...

Because Akamai is trusted by thousands of online retailers, and in fact all of the 20 top global eCommerce sites, we see and analyze enormous amounts of attack data during events such as Black Friday. This year we tracked requests coming into dozens of online retailers over 24 hour periods for each of the 5 Fridays leading up to Black Friday. During that period we analyzed 4.2 billion HTTP

Bill Brenner

Bill Brenner

December 3, 2014 3:54 PM

My Turn on the "Security Influencer" Podcast

I recently sat down for a discussion with Contrast Security CTO Jeff Williams, host of the Security Influencer Podcast. We covered a lot of ground, including the most recent data breaches making news and the recent uptick in attacks against third-party web services.Access the podcast and interview transcript here

Bill Brenner

Bill Brenner

December 2, 2014 8:00 AM

DD4BC: PLXsert warns of Bitcoin extortion attempts

A Bitcoin extortion campaign is underway, launched by a group of bad actors calling themselves DD4BC. The group repeatedly tried to blackmail Bitcoin exchanges and gaming sites -- threatening victims with DDoS attacks in order to extort bitcoins. Akamai's Prolexic Security Engineering and Response Team (PLXsert) reports the following:

Bill Brenner

Bill Brenner

December 1, 2014 4:23 PM

Boston OWASP meeting Dec. 3 at Akamai Headquarters

The Boston chapter of OWASP (Open Web Application Security Project) will have its next meeting at Akamai headquarters the evening of Wednesday, Dec. 3. Details are available on the OWASP Boston website, but here's a summary of the agenda:

Bill Brenner

Bill Brenner

December 1, 2014 2:33 PM

Fresh Wave of DNS Record Hijacking Attacks Reported

Akamai has observed a fresh wave of DNS poisoning attacks, where web sites are hijacked and placed under the control of malicious actors. It's a tactic Akamai has seen before, and there are ways for companies to defend themselves.Anatomy of attacks The Domain Name System (DNS) converts the text of a domain name (ie. akamai.com) to the server's IP address. Using DNS hijacking, a malicious user is able to update

Bill Brenner

Bill Brenner

November 25, 2014 7:38 AM

8 Security Measures for IT Shops This Holiday Season

We've offered a lot of security advice for those shopping online this holiday season. But what about the IT practitioners responsible for securing sites those customers are using?This post is for them.Here are some words of wisdom I've picked up from security pros over the years. Some of the advice may seem obvious. But as I said yesterday, repetitive advice tends to be necessary in this hyper-connected, fast-paced world of

Bill Brenner

Bill Brenner

November 24, 2014 7:12 AM

Online Shopping Scams and How to Avoid Them

We recently shared five tips from Akamai Security Advocate Dave Lewis on how to avoid traps attackers set for online holiday shoppers. Today, we share articles from various publications to help you identify and avoid the most typical scams.Tomorrow, I'll have a new post on things IT practitioners can do for their retail employers to harden systems against attack. The advice is important, because for every 100 failed online scams