Akamai Diversity
Home > Web Security

Recently in Web Security Category

Internet Disruptions Possible During World Cup 2014

Researchers from Akamai's CSIRT team warn of potential Internet disruptions during the upcoming World Cup event. FIFA's World Cup will be held in Brazil starting June 12.

At the 2010 World Cup hosted in South Africa, some 3,170,856 spectators attended 64 matches. FIFA is again distributing a total of over 3,000,000 tickets for the tournament, where Brazilian and international visitors will attend football (soccer) matches in 12 cities across Brazil. Akamai anticipates increased Internet traffic to and from Brazil throughout the tournament.

Podcast: CSO Andy Ellis on Heartbleed

By now, most of you are aware of the Heartbleed vulnerability that sent shockwaves through the tech industry. Like many of you, Akamai had to work overtime to ensure our customers were protected.

We did that, but as is the case with any large security threat, we continue to be vigilant and, while letting everyone know what we did to keep them secure, we're looking back at the lessons learned and how to turn it into even better security going forward.

The details in this episode are not new, as CSO Andy Ellis has blogged at length about it. I've included those links below. But with so many of us working overtime to address Heartbleed, this was my first opportunity to sit down with Andy and discuss it.

imgres.jpg

Related posts:


Microsoft has released advance notification regarding the security updates it plans to release Tuesday. It looks like a busy month of patching ahead. The breakdown is below.

BSides Boston 2014: HallwayCon

As I noted in previous posts, LobbyCon is an important part of any security conference experience. At BSides Boston Saturday, attendees will enjoy the ritual with a special twist.

Organizers call it HallwayCon. A description from the BSides Boston website:

First come, first served! (Sign-up and put your name and topic on the board!) These lightning talks are 15-minute each and will go throughout the entire day.

A variation of this happened during one of the SOURCE Boston after-events last month. That time, folks were encouraged to speak on a topic at a table in one of the local pubs. I enjoyed it, though it was a bit hard to hear everyone from the other side of a packed table. The BSides Boston version will surely take it to the next level.

talks.jpg

BSides Boston 2014: Dan Geer and Heartbleed

I first met Dan Geer 10 years ago, after he debated Microsoft's Scott Charney on the "Microsoft Monoculture" at a USENIX event in Boston. I was just starting to write about security and the man intimidated me. His intellect and speaking style were light years beyond anything I had comprehended before. As a news reporter, you talk to a lot of police officers, firefighters and politicians who speak in plain, familiar terms. Dan Geer was something else entirely.

Over the years, I got to interview him several more times, and he became a personal favorite among all the security luminaries out there. 

Now CISO of In-Q-Tel, the strategic investment partner of the U.S. intelligence community, Geer will be speak at BSides Boston Saturday. He'll focus on Heartbleed.

BSides Boston Keynote Profile: Jack Daniel

An old friend will deliver the first keynote of BSides Boston Friday: Jack Daniel, technical product manager at Tenable Network Security. His talk is called "Doomed to Repeat: InfoSec's Failure to Learn from the Past."


BSides Boston 2014: Full Agenda

Bsides Boston 2014 -- scheduled for Friday and Saturday at the Microsoft New England Research & Development (NERD) Center -- promises to be another enlightening event. Akamai is a gold sponsor, and I'll be there both days. If you're thinking of going, here's the full agenda to consider:

bsidesbos_est1.jpg

Microsoft Releases Emergency IE Fix

Internet Explorer users take note: Microsoft issued an emergency security update yesterday to address a serious, widely-publicized vulnerability. Dustin C. Childs of Microsoft's Security Response Center announced the fix in a blog post yesterday.

Akamai released its Fourth Quarter 2013 State of the Internet Report last week. Security highlights include the following:

  • DDoS traffic increased 23 percent quarter-over-quarter, up by 75 percent from fourth quarter 2012.
  • Enterprise and commerce continued to be the industries targeted most frequently.
  • China remained the top producer of attack traffic, growing to 43 percent of observed attack traffic.
  • The United States also saw significant growth in observed attack traffic, while Indonesia's contribution continued to decline after spiking earlier in the year.
  • Port 445 remained the most targeted port, growing once again and reaching 30 percent of observed attacks. The volume of attacks targeting Port 80 remained steady at 14 percent.

Akamai recently released the Prolexic Q1 2014 Global DDoS Attack Report. What follows are some of the key points, including a 114-percent increase in the average peak bandwidth of attacks.