Akamai Diversity

The Akamai Blog

Bill Brenner

Bill Brenner

October 14, 2014 5:12 PM

Excerpt: How POODLE Happened

The following is an excerpt from Akamai Security Researcher Daniel Franke's blog post on the POODLE vulnerability.  Bodo Möller, Thai Duong, and Krzysztof Kotowicz have just broken the internet again with POODLE, a new and devastating attack against SSL. POODLE, an acronym for Padding Oracle On Downgraded Legacy Encryption, permits a man-in-the-middle attacker to rapidly decrypt any browser session which utilizes SSL v3.0 -- or, as is generally the case,

Bill Brenner

Bill Brenner

October 14, 2014 2:46 PM

Your Microsoft Patch Update for October 2014

Microsoft released its October 2014 Security Update Tuesday. Windows, Internet Explorer, Office, Developer Tools and .NET Framework are among the items affected.Here is the full patch matrix:

Akamai

Akamai

October 14, 2014 11:00 AM

Internet Hygiene: What web applications vulnerabilit ...

When you consider security solutions, there is no catchall Internet security solution that addresses every web application security challenge. A multi-layered approach to Internet security is the most effective way to guard against all types of cyber-attacks, including DDoS, application-layer attacks and data breaches. But this is much more security technology and tools. You need to add what we call "Internet hygiene" to your defenses - taking internal measures to

Bill Brenner

Bill Brenner

October 14, 2014 5:31 AM

Five Good Security Articles

Articles I'm reading include such topics as the mounting cost of social engineering, the Mayhem Botnet's exploitation of Shellshock, and some tips for better security in the healthcare industry.

Bill Brenner

Bill Brenner

October 7, 2014 5:54 AM

Akamai University: FedRAMP 101

Akamai Edge 2014 continues today with the second day of Akamai University and API Boot camp. To coincide with this, I'm running two security lessons that are part of an upcoming video series. This is the final installment, and was written by Akamai program managers James Salerno and Dan Philpott.First installment: Vulnerability Management vs. Penetration Testing

Bill Brenner

Bill Brenner

October 6, 2014 9:32 AM

Akamai University: Vulnerability Management vs. Pen ...

Akamai Edge 2014 begins today and tomorrow with two days of Akamai University and API Boot camp. To coincide with this, I'm running two security lessons that are part of an upcoming video series. This is the first installment, written by Akamai CSIRT researcher Patrick Laverty.

Bill Brenner

Bill Brenner

October 6, 2014 5:40 AM

Akamai Edge 2014: Shellshock and Heartbleed Resource ...

Akamai Edge attendees will hear the names of two security vulnerabilities a lot this week: Shellshock and Heartbleed. Both shook the security industry to the core this year, and Akamai security staff spent countless hours working to protect customers against these threats.Before Edge gets underway, here are some resources to get familiar with what we've done to address the threats.More on the Web Security Track at Akamai Edge 2014:Akamai Edge

Akamai

Akamai

October 2, 2014 11:41 AM

Akamai Launches New Protection for Shellshock-Bash

Akamai has created custom rules to help protect customers from the Shellshock-Bash vulnerabilities. The official names of these vulnerabilities and the WAF rules to address them are as follows:

Akamai

Akamai

October 2, 2014 6:46 AM

Shellshock CVE-2014-6277 and CVE-2014-6278 Details R ...

Yesterday, we released an article on Akamai's security site detailing all of the CVE advisories now in circulation for Shellshock, and how they relate to Akamai's mitigation strategies. At the time we published, details had not yet been released for two of the six advisories -- CVE-2014-6277 and CVE-2014-6278. Late yesterday, those details were finally released.