Recently in Web Security Category

Good news: I got another look at how well Akamai's security procedures work. 

The Akamai Prolexic Security Engineering & Response Team (PLXsert) has discovered a new tool attackers could use to target Microsoft Windows. The PLXsert advisory describes it this way:

The Storm kit is capable of infecting Windows XP (and higher) machines for malicious uses, including execution of DDoS attacks. Once a PC is infected, the Storm Network Stress Tester crimeware kit establishes remote administration (RAT) capabilities on the infected machine, enabling file uploads and downloads and the launching of executables, including four DDoS attack vectors.

A single PC infected by the new Storm crimeware kit can generate up to 12 Mbps of DDoS attack traffic with a single attack. As a result, orchestrated botnet attacks pose a significant DDoS threat. In addition, the RAT capability enables a variety of malicious activity, including the infection of other devices.

The RAT capabilities provide criminals with an all-purpose crimeware platform that can be used for a variety of malicious activity, including the infection of other devices, the advisory says.

"Remote administration lets malicious actors take over a PC from a distance, even from another continent," said Stuart Scholly, senior vice president and general manager of Security at Akamai Technologies. "In the last year, we've seen a growing volume of cyber-attacks coming from Asia. The Storm kit seems to have been custom-designed to infect and control vulnerable Windows XP machines in China."

One PC infected by the kit can generate up to 12 Mbps of DDoS attack traffic with a single attack. The kit comes pre-programmed to launch four types of DDoS attacks at once, increasing the potential attack volume.

A free download of the full advisory is available here.

Akamai PLXsert monitors malicious cyber threats globally and analyzes DDoS attacks using proprietary techniques and equipment. Through digital forensics and post‐attack analysis, PLXsert is able to build a global view of DDoS attacks, which is shared with customers and the security community.

By identifying the sources and associated attributes of individual attacks, the PLXsert team helps organizations adopt best practices and make more informed, proactive decisions about DDoS threats.

This year, we decided to do something a little different to accompany the year-end State of the Internet Report. In addition to the analysis we do on the numbers for the world as a whole, we're breaking out a particular region to look at in more detail. Although it is not the target of the largest number of attacks, we chose Europe because, like the rest of the world, it is seeing a growing number of attacks.

Recent studies and reports show a dramatic increase in the prevalence of denial of service attacks in general, and application layer attacks in particular. As a result of this increase, DoS protection and mitigation solutions have evolved both on the technological side as well as in their ability to scale and protect against larger and more distributed attacks (DDoS).

If you're attending SOURCE Boston, there's a discussion Thursday at 11 a.m. you should attend. It deals with a subject we've been working hard to address at Akamai: burnout in the security industry, and how we can make things better by tapping into the better angels of our nature.

Attention, SOURCE Boston attendees: If you or anyone you know needs a job, come by our booth. Recruiters are on hand, and they have several positions to fill, including: