Akamai Diversity
Home > Web Security

Recently in Web Security Category

Web Security in the News, July 21

A look at security stories in the news that are relevant to Akamai customers and beyond.


Oracle Releases Massive Security Update

Note: Akamai CSIRT member Larry Cashdollar contributed to Oracle's latest CPU. He appears in the advisory credits. We always knew he'd be famous!

Oracle has released a monster Critical Patch Update (CPU) -- 113 security fixes in all affecting a vast portion of the company's product line.

In a blog post outlining the fixes, Oracle's Eric Maurice wrote:

This Critical Patch Update provides 113 new security fixes across a wide range of product families including: Oracle Database, Oracle Fusion Middleware, Oracle Hyperion, Oracle Enterprise Manager Grid Control, Oracle E-Business Suite, Oracle PeopleSoft Enterprise, Oracle Siebel CRM, Oracle Industry Applications, Oracle Java SE, Oracle Linux and Virtualization, Oracle MySQL, and Oracle and Sun Systems Products Suite.

Here's the full list of products affected:

Akamai at RSA Conference Asia Pacific & Japan 2014

Several people from Akamai's InfoSec team will be at RSA Conference Asia Pacific & Japan July 22 and 23 at Marina Bay Sands, Singapore. 

You can visit us at Booth G7 and see live attacks against protected Web properties using multiple popular attack methods. You can also schedule a private meeting with us so we can update you on recent enhancements and answer any specific questions you may have about Akamai, our security solutions and the recent Prolexic acquisition.

We'll also be giving some talks. Here's a roundup:

Volunteers Needed for BSidesLV 2014

The Fifth Annual BSidesLV will be held in Las Vegas Aug. 5 and 6 at Tuscany Suites & Casino, 255 East Flamingo Rd. Las Vegas, NV. It runs at the same time Black Hat is going on down the street at Mandalay Bay, but it's definitely worth your time.

Unlike previous years, which offered pre-registration for a token refunded fee, this year there will be no pre-registration. Badges will be offered days of the show on a first-come, first-served, walk-in basis. It's a big venue and I seriously doubt anyone will be turned away.

But if you really want to secure a badge in advance, there are ways to do it.

Akamai Security Storytelling: An Update

It's been awhile since I updated you on our Akamai security storytelling efforts. A lot of awesomeness is afoot. We're writing public versions of our compliance documentation, launching a new podcast, shooting five new videos and spreading the word at several upcoming security conferences.


Blackshades RAT is a Serious Threat

Akamai's Prolexic Security Engineering & Research Team (PLXsert) is warning companies of stealth surveillance and computer hijacking attacks by the Blackshades Remote Administration Tool (RAT) crimeware kit.

When malicious actors infect machines with the Blackshades RAT malware, they gain the ability monitor video and audio data, record keylogging information from the user, and harvest sensitive credentials to banking, email, websites and applications. Remote access capabilities also let attackers hijack victim machines to run executables and lock out owners' file access, according to an advisory released this morning.

Microsoft's July 2014 Patch Load

Microsoft released its July 2014 Security Update a few minutes ago. The latest vulnerabilities to be addressed affect everything from Windows and Internet Explorer to Microsoft Server Software.

Here's the software giant's patching chart for the month:

DEF CON Speaker Schedule is Live

The speaker schedule for DEF CON is now live on the event website. What follows are the talks that look particularly interesting. 

Note: What's listed is based on what interests me personally. It is not a full list, nor do I speak for the many Akamai colleagues who will also be there next month. 


Talks of Interest at Black Hat USA 2014

A month from now I'll be at Black Hat USA 2014 with many of my Akamai colleagues. It's time to start thinking about the talks that will be most relevant to our interests. To that end, here's a look at some of the more interesting items on the agenda so far.

Note: This is not the full agenda, nor is it an objective list. It captures the talks that look most interesting to me. 

Source: The Black Hat USA 2014 website

The latest Akamai State of the Internet Report is out. Here's a look at what we saw on the security front in the first quarter of 2014.