Akamai Diversity

The Akamai Blog

Bill Brenner

Bill Brenner

August 22, 2013 9:10 AM

DDoS Attacks Used As Cover For Other Crimes

Protecting customers from DDoS attacks is an Akamai InfoSec specialty. When we see DDoS attempts against our customers, the typical thinking is that someone is doing it to force sites into downtime, which can cost a business millions in lost online sales. But sometimes, these attacks are simply a cover operation to distract the victim while something else is going on. A story that caught our attention in SC Magazine and elsewhere

Akamai Edge

Akamai Edge

August 20, 2013 10:25 AM

See You at Edge 2013!

Since our founding, Akamai has been at the vanguard of the Internet revolution. And as we prepare to celebrate our 15th anniversary this month, our spirit of innovation and our desire to solve the most difficult Internet challenges are just as strong today as they were 15 years ago. From day one, we have worked hard to gain an understanding of how our customers want to use the Internet to

Akamai

Akamai

August 19, 2013 6:23 AM

Ten Years After the Blaster Worm

This month marks the 10th anniversary of Blaster -- a worm that tore a path of disruption across the Internet. It struck a few months before I started writing about information security. But even then I was well aware that something big had happened. I was editing for a daily newspaper at the time and had no idea what patch management, software vulnerabilities and malware were. But Blaster was a

Bill Brenner

Bill Brenner

August 16, 2013 8:32 AM

Microsoft's August Patch Matrix

Microsoft released it's monthly patch load this week. To help identify and deploy the security fixes, here's a table showing the different bulletins, the severity of the flaws, and the products impacted. Bulletin IDBulletin Title and Executive SummaryMaximum Severity Rating and Vulnerability ImpactRestart RequirementAffected SoftwareMS13-059Cumulative Security Update for Internet Explorer (2862772) This security update resolves eleven privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution

Bill Brenner

Bill Brenner

August 14, 2013 5:05 AM

2003 Blackout: An Early Lesson in Planetary Scale?

On the drive to work this morning, I listened to a report about this being the 10th anniversary of the massive blackout that plunged an area from New York City to Toronto into darkness. I immediately thought of a post Akamai CSO Andy Ellis wrote recently called "Environmental Controls at Planetary Scale."It might be overreaching to say the 2003 blackout was an early case study in the success and failures

Akamai

Akamai

August 13, 2013 2:27 PM

How Akamai eDNS Protects Against DNS Attacks

Andy Ellis's recent post "DNS Reflection Defense" describes how DNS works and lists general guidelines for defending against DNS attacks. This post continues the discussion of DNS protection by describing how Akamai's "eDNS" offering protects customers from both volumetric and reflective attacks on DNS infrastructure. What is a Volumetric Attack?In a volumetric attack, a attacker uses a BotNet to generate a large volume of DNS requests. The attacker's goal is to take down

Andy Ellis

Andy Ellis

August 12, 2013 9:52 AM

Assessment of the BREACH vulnerability

The recently disclosed BREACH vulnerability in HTTPS enables an attack against SSL-enabled websites. A BREACH attack leverages the use of HTTP-level compression to gain knowledge about some secret inside the SSL stream, by analyzing whether an attacker-injected "guess" is efficiently compressed by the dynamic compression dictionary that also contains the secret. This is a type of an attack known as an oracle, where an adversary can extract information from an

Bill Brenner

Bill Brenner

August 12, 2013 6:09 AM

Microsoft Security Patches Coming Tomorrow

Tomorrow is the second Tuesday of the month, which those of us in security know as Patch Tuesday -- the day Microsoft unloads its security updates. It's an important calendar item for Akamai customers, given how dominant Windows machines are in many companies.Late last week, Microsoft offered a preview of what to expect. What follows is a chart showing the number of bulletins planned, along with the severity and products

Meg Grady-Troia

Meg Grady-Troia

August 9, 2013 8:14 AM

DefCON Observations from a First-Timer

In April of this year, InfoSec launched a new team called Customer Compliance. Several senior InfoSec employees joined its ranks, and I was hired into the team. My name is Meg Grady-Troia, and I'm a member of Akamai's Customer Compliance team because I am an anthropologist, an educator, and a writer. My job is finding creative and effective ways to begin sharing Akamai's security posture and platform with our customers,