Akamai Diversity

The Akamai Blog

Patrick Sullivan

Patrick Sullivan

October 5, 2017 11:43 AM

Data Breaches and Credential Stuffing: Don't Get TKO ...

It has been a very rough month for the information security community. It feels like we've been on the losing end of a championship fight against Floyd Mayweather.

Asaf Nadler

Asaf Nadler

September 21, 2017 10:09 AM

Introduction to DNS Data Exfiltration

Written by Asaf Nadler and Avi Aminov Updated 2/14/19 After the initial publication of this blog post, Asaf Nadler and Avi Aminov wrote a paper on the detection of malicious and low throughput data exfiltration over the DNS protocol. The DNS protocol is a naming system for host machines and an essential component in the functionality of the Internet. The vast number of domains and subdomains on the Internet today

Mani Sundaram

Mani Sundaram

September 14, 2017 1:10 PM

Akamai Prioritizes People Safety and Continuity of S ...

Written by Mani Sundaram, SVP Global Services & Support; Francis Trentley, VP Security Services & Support; Roger Barrango, Director Global Security Operations. Hurricane Irma affected millions this week. As always here at Akamai, taking care of people comes first, and the wellbeing of our team was the foremost priority. Akamai had both personnel and facilities in the storm path and operated with an abundance of caution to ensure the safety

Akamai InfoSec

Akamai InfoSec

September 5, 2017 12:05 PM

WireX update: UDP attack capabilities

*Akamai would like to acknowledge the research by F5 containing additional information on the capabilities of this malware, released September 2nd. Finding new features The WireX botnet was discovered due to its role in a series of prolonged attacks against several organizations. It was brought to our attention, thanks to researchers at 360.cn, that some WireX samples found in the wild appeared to have additional UDP attack capabilities that weren't

Akamai InfoSec

Akamai InfoSec

August 28, 2017 8:05 AM

The WireX Botnet: An example of cross-organizational ...

Introduction On August 17th, 2017, multiple Content Delivery Networks (CDNs) and content providers were subject to significant attacks from a botnet dubbed WireX. The botnet is named for an anagram for one of the delimiter strings in its command and control protocol. The WireX botnet comprises primarily Android devices running malicious applications and is designed to create DDoS traffic. The botnet is sometimes associated with ransom notes to targets.

Barry Greene

Barry Greene

August 23, 2017 1:43 PM

What makes a good "DNS Blacklist"? - Part 2

In "What makes a good 'DNS Blacklist'? - Part 1", we explored the background and factors that have gone into Akamai's thinking behind New security products like Enterprise Threat Protect (ETP). This article continues with a list of factors and questions to ask any DNS Threat Feed providers, including Akamai. What should enterprises look for in the DNS Threat Policies? DNS Threat Policies are more than a DNS Blacklist. The

Barry Greene

Barry Greene

August 22, 2017 1:22 PM

What makes a good "DNS Blacklist"? - Part 1

Reflections on Modern Actionable Threat Intelligence used to turn a DNS Resolver into a Critical Security Tool Akamai has just launched the Enterprise Threat Protection (ETP) platform. ETP is built on Akamai's global AnswerX Cloud that now reaches 28 countries and is expanding to new countries every month. As a new player in Cloud DNS resolver services, competitors will ask "why Akamai?" or "what gives Akamai the knowledge and capacity

Akamai

Akamai

August 15, 2017 11:04 AM

Akamai Is Named A Leader In Gartner's Magic Quadrant ...

"Don't work for recognition, but do work worthy of recognition" - H. Jackson Brown. A friend sent this quote to me after I explained to her my ambivalence about being recognized by Gartner as a "Leader" in their Web Application Firewall Magic Quadrant. I had mixed feelings because I wanted to believe that I knew the market, I knew our competitors, and I certainly already knew what our customers were

Larry Cashdollar

Larry Cashdollar

August 2, 2017 6:30 AM

Larry's Cabinet of Web Vulnerability Curiosities

One of my responsibilities as a member of the Akamai Security Intelligence Response Team (SIRT) is to research new web application vulnerabilities. For the last year, I have focused on Wordpress plugin vulnerabilities, and looking for any interesting code tidbits in my box of Wordpress toys. There are almost 50,000 wordpress plugins (at time of publication) and Wordpress is the Content Management System (CMS) of choice for over 30 million