Akamai Diversity

The Akamai Blog

Bill Brenner

Bill Brenner

June 11, 2014 5:12 AM

Microsoft's June 2014 Patch Load

Microsoft released it's June 2014 Security Update Tuesday. The latest vulnerabilities to be addressed affect everything from Windows, Internet Explorer, Office to Microsoft Lync.

Bill Brenner

Bill Brenner

June 10, 2014 5:14 AM

Threat Advisory: High-Risk Zeus Crimeware Kit

Akamai's PLXSert team has discovered new payloads from the Zeus crimeware kit in the wild, deeming it "high risk" in an advisory released this morning. The advisory says the Zeus framework has evolved from focusing on the harvesting of banking credentials to being used in the control of compromised hosts (zombies) for criminal activity, including distributed denial of service (DDoS) attacks and attacks customized for specific platform-as-a-service (PaaS) and software-as-a-service

Dave Lewis

Dave Lewis

June 9, 2014 8:28 AM

Patch Tuesday For June Approaches

This month's Microsoft Patch Tuesday has almost arrived. This time out the tech giant has given advance notification that there will be seven fixes rolled out including two critical patches. The issues that are tackled by these patches are remote execution bugs in Windows, Internet Explorer (versions 6-11 depending on OS level), Office and Lync. I should note that the two critical patches require a system restart after they are

Bill Brenner

Bill Brenner

June 9, 2014 4:30 AM

Fresh Wave of Online Extortion Attacks Underway

Akamai CSIRT has identified a trend in online extortion that has the potential to impact customer websites and their users. Attackers are using reflected UDP to launch direct-to-origin denial of service attacks at e-commerce sites, then demanding payment to stop the attacks, CSIRT's Mike Kun wrote in an advisory. "We have seen these extortion attempts target e-commerce and retail sites, as well as online collaboration sites, but all sectors are

Andy Ellis

Andy Ellis

June 5, 2014 1:09 PM

OpenSSL vulnerability (CVE-2014-0224)

The OpenSSL Project today disclosed new vulnerabilities in the widely-used OpenSSL library. These are vulnerabilities that can potentially impact OpenSSL clients and servers worldwide. The most interesting is the ChangeCipherSpec Injection, which would enable a man-in-the-middle attack to force weaker ciphers into a communication stream. Akamai SSL services (both Secure Content Delivery and Secure Object Delivery) have been patched for this vulnerability. The other vulnerabilities are relatively uninteresting for our

Bill Brenner

Bill Brenner

June 5, 2014 6:06 AM

Build Systems to Fail

Akamai Security Advocate Dave Lewis (@gattaca on Twitter) has written a new post for Forbes. He argues that we need to assume that our systems will fail and fail hard. "We need to build network security with failure in mind," he wrote. "There was once a notion of 'bricks and clicks' that was meant to demonstrate a delineation between retail and online presence. This too has fallen by the wayside as

Bill Brenner

Bill Brenner

June 4, 2014 7:03 AM

A Year in the InfoSec Life: 5 Lessons

Yesterday was my one-year anniversary at Akamai, and it's been a great learning experience. To measure the journey, I took a look at posts written in the past year. The following compilation captures the lessons that have made the biggest impression so far.

Bill Brenner

Bill Brenner

June 3, 2014 6:48 AM

5 Security Headlines

A look at the security issues making headlines so far this week: Phishing campaign touts fake 'Heartbleed removal' tool (Computerworld) The program attached to the emails is actually a keylogger, according to Trend Micro. Iranian Cyberspies Pose as Journalists Online To Ensnare Their Targets (Dark Reading) Cyberspying campaign out of Iran combines social engineering and social media to steal credentials from a wide array of US and Israeli military, government,

Bill Brenner

Bill Brenner

June 2, 2014 4:54 AM

Headed To Black Hat, DEF CON and BSidesLV?

Though it's still two months away, this is the time of year when those headed to Black Hat, DEF CON and BSidesLV start fretting over registration, flights and hotel bookings. This year I decided to get a jump on things, and here are a few things I've learned that will hopefully make your lives easier.Akamai security staff will be there in force, and we're certainly looking forward to it.