Akamai Diversity
Home > Web Security

Recently in Web Security Category

Akamai at Black Hat USA 2014

A platoon of Akamites -- myself included -- will descend on Las Vegas this week for Black Hat USA 2014 as well as BSidesLV and DEF CON. We'll be there to network, tell Akamai's security story and learn from those of you who will be giving talks.

At Black Hat, you can find us in the Business Hall at Booth 858. Come say hi and collect some free items, including scan-blocking card holders, stickers and t-shirts.

Safe travels!

Wednesday, August 6: 10:00 - 19:00
Thursday, August 7: 10:00 - 17:00

Security in the News, Aug. 4

A look at security stories in the news that are relevant to Akamai customers and beyond.

Android vulnerability still a threat to many devices nearly two years later (CSOonline)
Many apps that use the Android addJavascriptInterface API are still vulnerable to JavaScript code injection, researchers from Bromium said.

Microsoft ordered to turn over customer data stored in the cloud (Computerworld)
Federal court says warrant for info stored in Ireland is not an extra-territorial application of U.S law; decision has privacy implications.

The World's Most Hackable Cars (Dark Reading)
Researchers find 2014 models of Dodge Viper, Audi A8, Honda Accord are the least likely to be hit by hackers.

U.S. government warns of point-of-sale malware campaign (SearchSecurity)
The U.S. government has divulged details on the 'Backoff' point-of-sale malware campaign, which purportedly targets remote access software for entry.

Sandwich Chain Jimmy John's Investigating Breach Claims (KrebsonSecurity)
Sources at a growing number of financial institutions in the United States say they are tracking a pattern of fraud that indicates nationwide sandwich chain Jimmy John's may be the latest retailer dealing with a breach involving customer credit card data. The company says it is working with authorities on an investigation.

The IETF as a Nexus of Cryptography

Thumbnail image for Thumbnail image for rsalz.jpg

The following is a guest post from Akamai Principal Security Engineer Rich Salz.

The Internet Engineering Task Force (IETF) is becoming a center for the application of cryptography. There are a handful of factors contributing to this:

· It is the technical organization that defines the protocols and standards that enable the Internet.
· The recent Snowden revelations that showed how much government spying there is on Internet traffic.
· The IETF response (RFC 7258) to treat pervasive monitoring as an attack that must be mitigated.
· Increasing recognition in the academic community that TLS is an important protocol; papers discussing attacks on it get noticed.

Microsoft and Akamai have teamed up with Jerusalem Venture Partners (JVP) to create a security-focused accelerator program. It's based at the Microsoft Ventures Accelerator in Israel, and interested entrepreneurs and startups can apply now

Startups accepted into the program will be announced Sept. 7 and the class will run through January.

Security in the News, July 28

A look at security stories in the news that are relevant to Akamai customers and beyond.

Akamai has once again been chosen to help protect the leading global broadcasters, advertisers, partners and sponsors' sites for this year's World Cup. This has given us the opportunity to capture an incredible amount of data for analyzing specific trends.

BSidesLV Speaker Schedule, Shuttle Info, Etc.

The schedule for BSidesLV is out, along with details on a shuttle service that will transport attendees from the BSides venue to points throughout Las Vegas. Some of the speaker schedule is below, followed by the transportation and party details.

George Orwell once said, "International football is the continuation of war by other means" - as we will demonstrate in this post - Mr. Orwell was spot-on, according to statistics on web application layer attacks collected by Akamai's Cloud Security Intelligence platform, the 2014 world cup soccer matches spurred sophisticated cyber attacks between soccer-fan-hackers of competing sides.

In this episode of the Akamai Security Podcast, I talk to Adi Ludmer, a senior researcher from Akamai's security engineering team in Tel Aviv, Israel. He discusses the daily role his team plays in keeping Akamai customers secure, and shares some of the research he's currently focused on.


Highlights of Prolexic Attack Report for Q2 2014

As attacks go, the second quarter of 2014 was quieter than the first. But when you compare the numbers to this time last year, that's of little comfort. According to Prolexic's newly-released attack report for Q2 2014, the rate of DDoS attacks rose 22 percent over the second quarter of 2013.

The report is now available for download HERE.