The Akamai BlogSubscribe
Video: What's a Zero-Day Vulnerability?
Akamai Chief Security Officer Andy Ellis gives a whiteboard lesson on zero-day vulnerabilities. Class is in session:
Podcast: Akamai CSIRT Director Michael Smith
In Episode 5 of the Akamai Security Podcast, I interview CSIRT Director Michael Smith. We discuss the role of CSIRT in researching threats and vulnerabilities, as well as keeping customers and the wider public informed of defensive measures they can take.--Listen to the podcast HEREBio: Michael Smith is a senior security manager with more than 20 years of experience in the IT security and intelligence fields performing security design and
Web Shells, Backdoor Trojans and RATs
Akamai's CSIRT team advises companies to check their systems for Web shells, executable code running on a server that gives attackers remote access to a variety of critical functions. Online adversaries can install Web shells by compromising legitimate Web applications on a server, using such tried-and-true techniques as SQL injection, Remote File Inclusion, an unvalidated file upload feature or through a valid user's stolen credentials. Here are the basics of
A Twitter Chat on Cybercrime Defense
Yesterday, Akamai participated in a Twitter forum on cybercrime as part of National Cyber Security Awareness Month. Participants supplied a ton of great resources, which I think is worth sharing here. What follows are some of the tweets from the conversation. If you want to stay out of the attackers' crosshairs -- or if you're a victim looking for help -- you'll find what follows useful.ESET @ESET13hIf you're a victim, DOJ has
Video: An Overview of Tokenization & the Credit Card ...
Akamai CSO Andy Ellis gives an overview of tokenization and why it exists, as well as a brief history of the credit card industry.
Video: Josh Corman on Different Adversary Classes
Akamai Director of Security Intelligence Josh Corman gives an overview of different adversary classes and their motivations.
IBM, Akamai Team Up in DDoS Fight
As part of a new partnership, IBM will integrate Akamai's Kona Site Defender with IBM's Cloud Security Services portfolio. IBM Security Services General Manager Kris Lovejoy said her company decided to join forces with Akamai because of its track record in protecting customers from DDoS attacks. "Our clients tell us there is a need to strengthen cloud security," Lovejoy said in a statement. "The partnership with Akamai combines a world-class security
Movin' On Up (The OSI Stack)
For months now, those of us working to protect Akamai's customers have been trumpeting the same theme: in the same way that companies, technology and applications are moving "Up the Stack" to the web layer, attackers have followed. For the first time since the inaugural "State of the Internet Report" was published in Q1 2008, we saw solid statistical proof to date that the threat landscape has changed: As of
State of the Internet Report: DDoS Trends, SEA Attac ...
The latest Akamai State of the Internet report analyzes recent DDoS trends and includes a section on something I've written about a lot in recent months -- attacks from the so-called Syrian Electronic Army. DDoS attacks spiked in the second quarter of 2013, with Akamai customers reporting 318 attacks -- a 54 percent increase over the 208 reported in the first quarter. At 134 reported attacks, the Enterprise sector continued to