The Akamai Blog Subscribe
6 More Great Security Podcasts
Tuesday, I wrote a post about five security podcasts worth your time. This is a sequel post, directing you toward six more great podcasts that'll make you smarter and better informed about all things InfoSec. 1.) ISC podcast and daily Stormcast from the SANS Internet Storm Center Always a rich source of real-time security monitoring, the Sans Internet Storm Center's podcasts offer quick status checks on threats around the Internet.
DDoS, as simple as your ABC's
DDoS tool kits, and DDoS-for-hire along with some bitcoins, anonymous email, a TOR connection and a sense of purpose, has made it trivial for individuals, hacktivist collectives and cyber criminals to launch an effective DDoS attack.
6 Security Podcasts Worth Your Time
Though we have our own show called the Akamai Security Podcast and spend a lot of time promoting it in this blog, there are many other security podcasts worth your time. What follows are six favorites.1.) Liquidmatrix PodcastAkamai Security Advocate Dave Lewis hosts this podcast with James Arlen, Matt Johansen and Ben Sapiro.2.) Network Security PodcastLondon-based Akamai Security Advocate Martin McKeay hosts one of the longest-running and most popular podcasts in the
PLXsert Eyes Spike in SNMP Reflection DDoS Attacks
Akamai's Prolexic Security Engineering Response Team (PLXsert) has seen a significant resurgence in the use of Simple Network Management Protocol (SNMP) reflection attacks this past month. In an advisory, PLXsert said these DDoS attacks abuse the SNMP protocol, which is commonly supported by network devices such as printers, switches, firewalls and routers.
More Bricks of Security Enlightenment
Akamai Security Advocate Dave Lewis (@gattaca on Twitter) continues his prolific blogging on CSOonline. He has also begun writing for Forbes. What follows are his posts so far for May 2014. We begin with his inaugural Forbes column. Previous posts from Dave
Public Research Docs: The List So Far
Akamai InfoSec has slowly been making its security advisories public. What follows is a list of what has been released so far. These can be found in the security research section of the Akamai Security microsite.
The Brittleness of the SSL/TLS Certificate System
Despite the time and inconvenience caused to the industry by Heartbleed, its impact does provide some impetus for examining the underlying certificate hierarchy. (As an historical example, in the wake of CA certificate misissuances, the industry looked at one set of flaws: how any one of the many trusted CAs can issue certificates for any site, even if the owner of that site hasn't requested them to do so; that
Web Security Buzz
Each week, we compile a list of headlines trending on social media and distribute it internally via a newsletter called "Web Security Buzz." We recently decided to start running a public version via this blog. What follows are some of the stories we've been keeping an eye on for the past couple of weeks.
Microsoft's May 2014 Patch Load
Microsoft released it's May 2014 Security Update Tuesday. The latest vulnerabilities to be addressed affect everything from Windows, Internet Explorer and Office to Microsoft Server Software, Productivity Software and the .NET Framework.