The Akamai Blog Subscribe
Attack of the Killer ROBOT
On Dec 12th, 2017, researchers Hanno Böck, Juraj Somorovsky and Craig Young published a paper detailing an attack they called the Return Of Bleichenbacher's Oracle Threat (ROBOT)(https://eprint.iacr.org/2017/1189). This attack, as the name implies, is an extension of an attack published in 1998 (https://link.springer.com/content/pdf/10.1007%2FBFb0055716.pdf) that affects systems using certain implementations of RSA key exchange. Customers have voiced concerns about this threat and asked how Akamai can help. Customers that use Akamai
Akamai, Mirai, & The FBI
Through the end of 2016, and throughout 2017, multiple Mirai-based botnets targeted multiple Akamai customers. The very first Mirai attack against Akamai was a multi-day barrage, weighing in at a peak of 620/Gbps that sent shockwaves across the Internet. The same botnet would go on to conduct several hard hitting attacks across the Internet and cause widespread outages. On December 13, 2017, the Department of Justice (DOJ) announced that multiple
Retailers capitalize on mobile experiences to genera ...
The results are in, Black Friday and Cyber Monday broke all records in 2017 as the total revenue for these days exceeded $11.5 billion. Anticipating that more consumers would shop online, retailers invested in digital experiences and geared up for the holidays by (i) stocking fewer items in stores to reduce inventory costs and (ii) hiring few seasonal workers. Retailers' predictions were accurate, and their investment in digital experiences paid
Layered Security Without the Layered Complexity
With the recent influx of news reports regarding security incidents, more Chief Information Security Officers (CISOs), Chief Information Officers (CIOs), and IT professionals are reviewing current security infrastructures, policies, and practices to identify potential weaknesses in their security posture. This has long been best practice, but with the progressive use of various attack and threat vectors now employed by malicious actors against businesses, this practice must be constantly in play
Maximize security insights by integrating threat int ...
Since 2005, when Gartner coined the term, SIEM (Security Information and Event Management) solutions have grown in importance for the security industry. SIEM solutions provide a centralized view to easily access and analyze security information from multiple sources, and then prioritize mitigation efforts based on risk profiles. SIEM also helps organizations meet their security log analysis and incident/event reporting requirements.
What You Need To Know About The "ROCA" vulnerability
By Daniel Franke, Infosec Researcher Akamai is aware of the recently-disclosed "ROCA" vulnerability in cryptographic firmware used in products made by Infineon Technologies. A bug in the firmware's prime-search algorithm used for RSA key generation results in RSA keys that are relatively cheap and inexpensive to factor. The bug impacts Infineon Trusted Platform Modules (TPMs) as well as many smartcards and Hardware Security Modules (HSMs) that use Infineon chips but
Fast Flux Botnet: Research Results
Just like that, another Akamai Edge has come and gone. If you were able to join us this year, I hope you had a chance to stop by my presentation on Threat Intelligence Insights: An In-Depth Analysis of a Fast Flux Botnet.
KRACK Vulnerability in WiFi WPA2
Akamai is aware of a family of vulnerabilities known as the Key Reinstallation Attack or KRACK. These vulnerabilities abuse implementation flaws found in all modern wireless networks using WPA2. The KRACK attack is effective at the protocol level and therefore affects all systems using current WiFi encryption, including iOS, Linux, Windows and Android. The vulnerabilities allow the attacker to reinstall a previously used cryptographic key. This would allow for the