Akamai Diversity

The Akamai Blog

Bill Brenner

Bill Brenner

April 29, 2014 7:14 AM

Storm Stress Tester Crimeware Kit Targets Windows

The Akamai Prolexic Security Engineering & Response Team (PLXsert) has discovered a new tool attackers could use to target Microsoft Windows. The PLXsert advisory describes it this way: The Storm kit is capable of infecting Windows XP (and higher) machines for malicious uses, including execution of DDoS attacks. Once a PC is infected, the Storm Network Stress Tester crimeware kit establishes remote administration (RAT) capabilities on the infected machine, enabling

Martin McKeay

Martin McKeay

April 28, 2014 3:23 PM

2013 DDoS Analysis For Europe

This year, we decided to do something a little different to accompany the year-end State of the Internet Report. In addition to the analysis we do on the numbers for the world as a whole, we're breaking out a particular region to look at in more detail. Although it is not the target of the largest number of attacks, we chose Europe because, like the rest of the world,

Dave Lewis

Dave Lewis

April 23, 2014 5:19 AM

Akamai Is Hiring

One of the most interesting aspects of working at Akamai is the sheer volume of opportunities within the company. Since I started here in my own role last July I have had no end of interesting challenges that have managed to keep me thoroughly engaged. Akamai is a company that allows you to grow and never has a shortage of amazing projects to work on. This sort of excellent working environment invariably brings

Andy Ellis

Andy Ellis

April 16, 2014 1:03 PM

Heartbleed: A History

In the interest of providing an update to the community on Akamai's work to address issues around the Heartbleed vulnerability, we've put together this outline as a brief summary: Akamai, like all users of OpenSSL, was vulnerable to Heartbleed. Akamai disabled TLS heartbeat functionality before the Heartbleed vulnerability was publicly disclosed. In addition, Akamai went on to evaluate whether Akamai's unique secure memory arena may have provided SSL key protection

Or Katz

Or Katz

April 15, 2014 3:00 PM

Cloudification of Web DDoS Attacks

Recent studies and reports show a dramatic increase in the prevalence of denial of service attacks in general, and application layer attacks in particular. As a result of this increase, DoS protection and mitigation solutions have evolved both on the technological side as well as in their ability to scale and protect against larger and more distributed attacks (DDoS).

Andy Ellis

Andy Ellis

April 13, 2014 7:20 PM

Heartbleed Update (v3)

Over the weekend, an independent security researcher contacted Akamai about some defects in the software we use for memory allocation around SSL keys. We discussed Friday how we believed this had provided our SSL keys with protection against Heartbleed and had contributed the code back to the community. The code that we had contributed back was, as we noted, not a full patch, but would be a starting point for

Andy Ellis

Andy Ellis

April 11, 2014 2:30 PM

Heartbleed Update

Update 2014-04-13: Our beliefs in our protection were incorrect; update here. Today, we provided more information to our customers around the research we've done into the Heartbleed vulnerability. As our analysis may inform the research efforts of the industry at large, we are providing it here. Summary: Akamai patched the announced Heartbleed vulnerability prior to its public announcement. We, like all users of OpenSSL, could have exposed passwords or session

Bill Brenner

Bill Brenner

April 10, 2014 5:33 AM

SOURCE Boston: Fighting Security Burnout

If you're attending SOURCE Boston, there's a discussion Thursday at 11 a.m. you should attend. It deals with a subject we've been working hard to address at Akamai: burnout in the security industry, and how we can make things better by tapping into the better angels of our nature.Related audio: Humanity in Security

Bill Brenner

Bill Brenner

April 9, 2014 12:41 PM

SOURCE Boston 2014: Need a Job? Stop By Our Table

Attention, SOURCE Boston attendees: If you or anyone you know needs a job, come by our booth. Recruiters are on hand, and they have several positions to fill, including:A program manager for InfoSec;A senior manager for Enterprise Security;A security architect for Adversarial Resilience; and A principal application software engineer for the Security Products Group.We're also giving away an iPad at 5 p.m., so come put your business card in the raffle