Akamai Diversity

The Akamai Blog

Don Ng

Don Ng

September 21, 2018 9:57 AM

Rise of Credential Stuffing in Asia Pacific and Japa ...

The rise of credential stuffing attacks globally is made possible by the tendency of customers' re-using the same credentials across different websites and attackers' easy access to stolen credential lists.

Martin McKeay

Martin McKeay

September 19, 2018 5:40 AM

State of the Internet Security - Credential Stuffing

Credential stuffing, and the botnets behind this activity, is the primary focus of the State of the Internet Security Report, Issue 4, 2018. Credential stuffing, the use of botnets to try to login to a site with stolen or randomly created login information, isn't a new phenomenon, but it is one that is having a growing impact, especially on financial services organizations. Our latest report takes a deeper look at

Randy D'Souza

Randy D'Souza

September 14, 2018 2:01 PM

DNS is a Unique (and Necessary) Security Control

Like many other security professionals, you have been reviewing your security stack, reading up on the latest security trends, and have perhaps recently attended Info-Sec, RSA, Black Hat or some other relevant conference. Along the way, you may have seen messaging for recursive DNS (rDNS) as a security layer. However, it's hard for you to believe DNS is an effective security control, as you know it is a lookup service

Larry Cashdollar

Larry Cashdollar

August 23, 2018 11:30 AM

Apache Struts Vulnerability CVE-2018-11776

On Wednesday, August 22nd, the Apache team patched another vulnerability in the Apache Struts2 framework. Apache Struts is an open-source web application framework for developing Java web applications. The vulnerability exists when these conditions are met: The alwaysSelectFullNamespace flag setting is set to true in the Struts configuration. The Struts configuration file contains an <action ...> tag that does not specify either the optional namespace attribute or a wildcard namespace.

Akamai InfoSec

Akamai InfoSec

August 20, 2018 11:23 AM

On Cache Poisoning

In March 2017, Akamai released a post, "On Web Cache Deception Attacks". A presentation at the Black Hat conference by James Kettle from Port Swigger on web cache poisoning has recently raised awareness of cache poisoning. This is a class of vulnerability with a long history. Cache poisoning can be defended against by properly configuring caching controls on both customer sites and the Akamai platform. Customers should consult with their

Akamai

Akamai

August 15, 2018 1:00 PM

Linux Kernel IP Vulnerability 2

On the week of July 15th, researcher Juha-Matti Tilli disclosed a vulnerability in the Linux kernel to the kernel maintainers, the National Cyber Security Center - Finland (NCSC-FI), CERT Coordination Center (CERT/CC), and Akamai. The vulnerability, CVE-2018-5391, is a resource exhaustion attack triggered by a specially crafted stream of IP datagrams that cause expensive processing within the Linux kernel. This vulnerability is similar to the Linux TCP vulnerability announced August,

Akamai

Akamai

August 6, 2018 11:15 AM

Linux Kernel TCP Vulnerability

On the week of July 15th researcher Juha-Matti Tilli disclosed a vulnerability he discovered in the Linux kernel to the kernel maintainers, the National Cyber Security Center - Finland (NCSC-FI), CERT Coordination Center (CERT/CC), and Akamai. The vulnerability, CVE-2018-5390, is a resource exhaustion attack triggered by a specially crafted stream of TCP segments which creates expensive processing within the Linux kernel. In preparation for the public disclosure of the vulnerability,

Vaishali Sangtani

Vaishali Sangtani

July 27, 2018 3:31 AM

Why would customers choose me?

Competitive Differentiation Guide for Financial Services in Digital India We are a young nation 1.3 billion strong, of which just about 500 million are active internet users. Not a small number by any means. We have world's second largest pool of internet users and our online population is larger than the total population of United States of America! However, what we as a nation along with the whole world, really

Akamai InfoSec

Akamai InfoSec

June 14, 2018 7:57 AM

Platypuses and Policies: Akamai's Approach to the GD ...

Written by Meyer Potashman On May 25, 2018, the EU General Data Protection Regulation (GDPR) went into effect. In preparation, Akamai, like every other company that does business with or interacts in any way with individuals in the EU, needed to re-evaluate our approach to data protection and privacy to ensure that we are compliant with the new law. Since GDPR requires that companies evaluate the privacy practices of their