Get In Touch
Recently in Web Security Category
Note: Akamai CSIRT member Larry Cashdollar contributed to Oracle's latest CPU. He appears in the advisory credits. We always knew he'd be famous!
Oracle has released a monster Critical Patch Update (CPU) -- 113 security fixes in all affecting a vast portion of the company's product line.
In a blog post outlining the fixes, Oracle's Eric Maurice wrote:
This Critical Patch Update provides 113 new security fixes across a wide range of product families including: Oracle Database, Oracle Fusion Middleware, Oracle Hyperion, Oracle Enterprise Manager Grid Control, Oracle E-Business Suite, Oracle PeopleSoft Enterprise, Oracle Siebel CRM, Oracle Industry Applications, Oracle Java SE, Oracle Linux and Virtualization, Oracle MySQL, and Oracle and Sun Systems Products Suite.
Here's the full list of products affected:
Several people from Akamai's InfoSec team will be at RSA Conference Asia Pacific & Japan July 22 and 23 at Marina Bay Sands, Singapore.
You can visit us at Booth G7 and see live attacks against protected Web properties using multiple popular attack methods. You can also schedule a private meeting with us so we can update you on recent enhancements and answer any specific questions you may have about Akamai, our security solutions and the recent Prolexic acquisition.
We'll also be giving some talks. Here's a roundup:
The Fifth Annual BSidesLV will be held in Las Vegas Aug. 5 and 6 at Tuscany Suites & Casino, 255 East Flamingo Rd. Las Vegas, NV. It runs at the same time Black Hat is going on down the street at Mandalay Bay, but it's definitely worth your time.
Unlike previous years, which offered pre-registration for a token refunded fee, this year there will be no pre-registration. Badges will be offered days of the show on a first-come, first-served, walk-in basis. It's a big venue and I seriously doubt anyone will be turned away.
But if you really want to secure a badge in advance, there are ways to do it.
Akamai's Prolexic Security Engineering & Research Team (PLXsert) is warning companies of stealth surveillance and computer hijacking attacks by the Blackshades Remote Administration Tool (RAT) crimeware kit.
When malicious actors infect machines with the Blackshades RAT malware, they gain the ability monitor video and audio data, record keylogging information from the user, and harvest sensitive credentials to banking, email, websites and applications. Remote access capabilities also let attackers hijack victim machines to run executables and lock out owners' file access, according to an advisory released this morning.
A month from now I'll be at Black Hat USA 2014 with many of my Akamai colleagues. It's time to start thinking about the talks that will be most relevant to our interests. To that end, here's a look at some of the more interesting items on the agenda so far.
Note: This is not the full agenda, nor is it an objective list. It captures the talks that look most interesting to me.
Source: The Black Hat USA 2014 website
The latest Akamai State of the Internet Report is out. Here's a look at what we saw on the security front in the first quarter of 2014.