Akamai Diversity
Home > Web Security

Recently in Web Security Category

A DDoS Checklist?

Following last week's cyber-attacks on Meetup's infrastructure, Antone Gonsalves, a reporter from CSO Online, asked me, for an article he was writing, what steps I would recommend CISOs to take "if they came under a similar attack". I hesitated before giving a softball answer, "don't wait for the attack, prepare for it." I could sense the reporter's frustration immediately. He wanted to give his readers step-by-step instructions, to what I have observed to potentially be a very complex problem.

Wordpress DDoS: New Attack, Old Problems

Our researchers spent much of yesterday tracking a massive DDoS exploiting weaknesses in the Wordpress blogging platform. Most of the news reports are consistent with what we saw, so let's take a look at some of the more comprehensive pieces, starting with a CSOonline blog post from Akamai Security Advocate Dave Lewis. The overall message: This latest attack is just another example of an old and unaddressed problem.

Akamai Participating in Cyber-Defense Competition

Akamai InfoSec personnel will be on hand this weekend to help run the seventh Annual Northeast Collegiate Cyber Defense Competition, in which students are divided into teams to carry out simulated cyber-defense scenarios.

Is Microsoft Wrong to Retire Windows XP?

There's an interesting article in Computerworld today about the dangers surrounding Microsoft's plan to finally pull the plug on Windows XP. The argument goes something like this: Many people still use XP, and depriving them of future security patches could lead to devastating malware infections and, by extension, myriad forms of mayhem.

Akamai InfoSec Program Manager Benjamin Brown will give a talk at two upcoming events called "Meta Cognition and Critical Thinking in Open Source Intelligence (OSINT)."

Patch Tuesday Preview for March 2014

Patch Tuesday is an important calendar item for Akamai customers, given how dominant Windows machines are in many companies. What follows is a preview of Microsoft's March 2014 Security Update. 

More Great RSAC Videos

My friend David Spark, founder of Spark Media Solutions, does some outstanding videos each year during RSA. They are educational, humorous and brilliantly edited. His work appears on the site of one of our partners, security vendor Tripwire. Per an agreement, I'm sharing them here as well. Enjoy!

I've been thinking a lot about the culture of security since RSA Conference 2014, and find myself returning to a topic that got me in trouble three years ago.

No longer is IPv6 "just around the corner". It's here. In the half-year following when I last wrote about our measurements of IPv6 adoption, many of the metrics we were tracking have doubled. This is in large part due to increased adoption of IPv6 by residential broadband networks in the U.S.A. and Germany. As of December 2013, we were serving over 20 billion IPv6 requests per day, double the 10 billion per day delivered just six months prior.

RSAC and BSidesSF: Week in Review

Another RSA Conference and BSidesSF is in the books. Here's a look back at our coverage for the week.