Akamai Diversity
Home > Web Security

Recently in Web Security Category

HQL Statement Tampering

Executive Summary

"Hibernate is an object-relational mapping (ORM) library for the Java language, providing a framework for mapping an object-oriented domain model to a traditional relational database. Hibernate solves object-relational impedance mismatch problems by replacing direct persistence-related database accesses with high-level object handling functions." (Wikipedia)

According to a recent Java developer survey, Hibernate was ranked as the 2nd most popular Java framework.

InfoSec Mentors: #BSidesLV Needs You

One of the coolest things about Security B-Sides, in my opinion, is the effort that goes into giving industry newbies a hand up. The BSides Las Vegas Proving Ground Speaker Development Program is a powerful example of that. And the organizers need your help.

NTP Reflection Attacks

Yesterday we saw the news outlets light up with breathless reports of a massive distributed denial of service that was directed at the boutique company, Cloudflare. There was much ado about the volume of the attack peaking at 400 Gbps according to the numbers released by them. But, was this little more than hyperbole? This would not be without precedent.

Patch Tuesday Revision

Microsoft's patch Tuesday has arrived and further to our post from Feb 7th there have been a couple updates for the release this month. The revised bulletin contains two additional patches which address remote code execution issues in Internet Explorer and the Windows operating system.

Find out how Akamai can help you with your patch management via origin offload

ShmooCon Presentations Now Available

Last month I was fortunate enough to attend the annual ShmooCon security conference in Washington DC. I wrote as much as I could, but in the end there's no substitute for seeing the full, raw presentations. With that in mind, I'm happy to let you all know the video recordings are now available. 

Security Conference Locators

We're often asked where people should go to find out about security conferences scheduled for the coming year. It's a question I've had as well, and during a recent project to prioritize which events Akamai staff should attend and how much free stuff to give out in our travels, I managed to find some good resources.

Microsoft's February Patch Load

Patch Tuesday is an important calendar item for Akamai customers, given how dominant Windows machines are in many companies. What follows is a preview of Microsoft's February 2014 Security Update. 

Preview: Akamai.com's New Security Section

In recent months I've told you about the new security section we've been developing for the Akamai website. We're adding the finishing touches, and it's time for a preview. 

CanSecWest Vancouver and PWN2OWN 2014

All our attention may be on RSA and BSidesSF right now, but it's worth noting that the 14th annual CanSecWest conference will be held shortly after, from March 12-14 at the Sheraton Wall Centre Hotel in downtown Vancouver, British Columbia.

A Preview of #BSidesSF

For those planning the trip to San Francisco next month for RSA Conference and BSidesSF, there's a lot of good talks to choose from. Here's a look at the BSidesSF agenda. I apologize in advance to those I missed. These are the items that piqued my interest at first glance.