Akamai Diversity
Home > Web Security

Recently in Web Security Category

Akamai has once again been chosen to help protect the leading global broadcasters, advertisers, partners and sponsors' sites for this year's World Cup. This has given us the opportunity to capture an incredible amount of data for analyzing specific trends.

BSidesLV Speaker Schedule, Shuttle Info, Etc.

The schedule for BSidesLV is out, along with details on a shuttle service that will transport attendees from the BSides venue to points throughout Las Vegas. Some of the speaker schedule is below, followed by the transportation and party details.

George Orwell once said, "International football is the continuation of war by other means" - as we will demonstrate in this post - Mr. Orwell was spot-on, according to statistics on web application layer attacks collected by Akamai's Cloud Security Intelligence platform, the 2014 world cup soccer matches spurred sophisticated cyber attacks between soccer-fan-hackers of competing sides.

In this episode of the Akamai Security Podcast, I talk to Adi Ludmer, a senior researcher from Akamai's security engineering team in Tel Aviv, Israel. He discusses the daily role his team plays in keeping Akamai customers secure, and shares some of the research he's currently focused on.

1274644_10202017815313383_1687459603_o.jpg

Highlights of Prolexic Attack Report for Q2 2014

As attacks go, the second quarter of 2014 was quieter than the first. But when you compare the numbers to this time last year, that's of little comfort. According to Prolexic's newly-released attack report for Q2 2014, the rate of DDoS attacks rose 22 percent over the second quarter of 2013.

The report is now available for download HERE.


Web Security in the News, July 21

A look at security stories in the news that are relevant to Akamai customers and beyond.


Oracle Releases Massive Security Update

Note: Akamai CSIRT member Larry Cashdollar contributed to Oracle's latest CPU. He appears in the advisory credits. We always knew he'd be famous!

Oracle has released a monster Critical Patch Update (CPU) -- 113 security fixes in all affecting a vast portion of the company's product line.

In a blog post outlining the fixes, Oracle's Eric Maurice wrote:

This Critical Patch Update provides 113 new security fixes across a wide range of product families including: Oracle Database, Oracle Fusion Middleware, Oracle Hyperion, Oracle Enterprise Manager Grid Control, Oracle E-Business Suite, Oracle PeopleSoft Enterprise, Oracle Siebel CRM, Oracle Industry Applications, Oracle Java SE, Oracle Linux and Virtualization, Oracle MySQL, and Oracle and Sun Systems Products Suite.

Here's the full list of products affected:

Akamai at RSA Conference Asia Pacific & Japan 2014

Several people from Akamai's InfoSec team will be at RSA Conference Asia Pacific & Japan July 22 and 23 at Marina Bay Sands, Singapore. 

You can visit us at Booth G7 and see live attacks against protected Web properties using multiple popular attack methods. You can also schedule a private meeting with us so we can update you on recent enhancements and answer any specific questions you may have about Akamai, our security solutions and the recent Prolexic acquisition.

We'll also be giving some talks. Here's a roundup:

Volunteers Needed for BSidesLV 2014

The Fifth Annual BSidesLV will be held in Las Vegas Aug. 5 and 6 at Tuscany Suites & Casino, 255 East Flamingo Rd. Las Vegas, NV. It runs at the same time Black Hat is going on down the street at Mandalay Bay, but it's definitely worth your time.

Unlike previous years, which offered pre-registration for a token refunded fee, this year there will be no pre-registration. Badges will be offered days of the show on a first-come, first-served, walk-in basis. It's a big venue and I seriously doubt anyone will be turned away.

But if you really want to secure a badge in advance, there are ways to do it.

Akamai Security Storytelling: An Update

It's been awhile since I updated you on our Akamai security storytelling efforts. A lot of awesomeness is afoot. We're writing public versions of our compliance documentation, launching a new podcast, shooting five new videos and spreading the word at several upcoming security conferences.