Akamai Diversity

The Akamai Blog

Bill Brenner

Bill Brenner

August 7, 2013 5:05 AM

Carder Gangs Continue Account Takeover Attempts

Akamai InfoSec continues to monitor repeated attempts to hijack the accounts of those doing business with our customers. In this attack, the bad guys reuse credentials they've stolen from other sites to fraudulently acquire merchandise. Attackers use automated tools commonly referred to as account checkers to quickly determine valid user ID and password combinations across a large number of ecommerce sites. The tools help the attackers identify valid accounts quickly

Bill Brenner

Bill Brenner

August 6, 2013 7:59 AM

Four News Reports On Recent DDoS Activity

Since one of Akamai InfoSec's biggest tasks is to blunt the impact of DDoS attacks against customers, I'm always scanning the various tech news outlets to see what's new and who among us is being quoted. Here are four that have caught my attention in recent days -- two of which include insight from Akamai CSIRT Director Michael Smith.DDoS Attackers Change Their Game PlansSmith is quoted in this article about how

Dave Lewis

Dave Lewis

August 5, 2013 11:26 AM

Bypassing Content Delivery Security

As is true of every year at Black Hat there are some talks that catch our attention. Talks range from the well thought out research papers to those of the narcissistic vulnerability pimps. This year was no exception. A talk entitled "Denying Service to DDoS Protection Services" by Allison Nixon is a presentation which fell into the well thought out column. This talk caught our attention for the obvious reason

Bill Brenner

Bill Brenner

August 5, 2013 6:00 AM

Security Reminders Inspired By Van Halen's Brown M&M ...

It's a popular bit of Rock & Roll lore: The band Van Halen conducted a test to make sure its tour contracts were being read, placing in a line saying there were to be no brown M&Ms backstage. Not surprisingly, they found a couple browns and trashed their dressing room in response. The real story is a lot less dramatic. It wasn't about the band playing games with people. It

Andy Ellis

Andy Ellis

August 1, 2013 9:02 AM

Environmental Controls at Planetary Scale

A common set of security control objectives found in standard frameworks (ISO 27002, FedRAMP, et al) focus on environmental controls. These controls, which might focus on humidity sensors and fire suppression, are designed to maximize the mean time between critical failure (MTBCF) of the systems inside a data center. They are often about reliability, not safety[1]; fixating on over-engineering a small set of systems, rather than building in fault tolerance.

Bill Brenner

Bill Brenner

August 1, 2013 2:00 AM

Black Hat 2013: A Point-Counterpoint

An old friend and seasoned veteran of the security industry, Alan Shimel, was quick to pounce on my statement yesterday that there is nothing new happening in security; that we're simply trying to find more effective ways to deal with the same old problems.Alan does make some valid points, especially the argument that there has been advancement on the technology side of things. I was speaking more to the messaging

Bill Brenner

Bill Brenner

July 31, 2013 5:45 AM

BSidesLV 2013: A Place For Security Newbies

One of the things I've always loved about Security B-Sides is that it offers a nurturing environment for people who are young in their InfoSec careers. An example of that is playing out this week in Las Vegas.Among the tracks of talks being offered is one devoted entirely to newbies and the more seasoned veterans who have been guiding them along in a successful mentoring program. The track -- called "Proving

Bill Brenner

Bill Brenner

July 31, 2013 12:30 AM

Black Hat 2013: What's New In Security? Nothing.

I get the question a lot at conferences like Black Hat: What do I see as the next big thing in security? I usually respond with a blank stare. The reason is that I see absolutely nothing new, and haven't for some time.Some might say that's a cynical, jaded response. I don't think so. Security doesn't need a constant torrent of new trends to be interesting and important.A decade ago,

Bill Brenner

Bill Brenner

July 30, 2013 1:30 AM

Black Hat 2013: Remembering Barnaby Jack

A big topic of conversation in Las Vegas this week is the death of famed hacker Barnaby Jack, who was scheduled to give a presentation on how to hack into pacemakers and implanted defibrillators from 30 feet away. His speaking slot will instead be a celebration of his life and work. "Black Hat will not be replacing Barnaby's talk on Thursday, Aug. 1," event organizers said in a statement. "No