Akamai is aware of a vulnerability, announced at the USENIX Security conference on Aug 10, 2016, which describes a vulnerability in the Linux kernel's tcp stack implementation (kernel versions 3.6 to 4.6). At a high-level, a patient adversary can leverage rate-limited challenge ACK's on a non-secure tcp connection to conduct a hijacking attack.
Get In Touch
Recently in Web Security Category
A year ago Akamai's Threat Research Team exposed a "Blackhat Search Engine Optimization (SEO)" attack campaign. The goal of the campaign was to manipulate search engines rankings and grow visibility for a web site that allows users to share their cheating and infidelity stories.
Last week, American Banker hosted its brand new conference, Cybersec 2016 in Midtown Manhattan. Penny Crosman (@pennycrosman), Editor at Large, American Banker, did a great job as chair of the event and brought together thoughtful presenters and panelists. There were great insights from leaders in the industry from BBVA, Bank of the West, USAA, Mastercard, U.S. Bank, and many others. It was a fantastic day of information sharing - exactly what we need more of within the Financial Services Industry.
Akamai SIRT has published a new case study detailing a series of DDoS attack campaigns against the MIT (Massachusetts Institute of Technology) network. So far in 2016, MIT has received more than 35 DDoS campaigns against several different targets which have been mitigated by at least one of our cloud solutions.
The new case study authored by Wilber Mejia outlining the DDoS campaigns and attack methods utilized can be downloaded here.
Dominic Scheirlinck and the httpoxy disclosure team disclosed a vulnerability on Monday, July 18th that affects many PHP and CGI web-apps.
Many origin web applications (particularly PHP and CGI applications) unsafely trust the "HTTP_PROXY" environment variable when generating forward requests. The CGI spec (which PHP also follows) calls for the incoming header to be converted to an environment variable before executing the cgi application. The conversion specifies that "HTTP_" be prepended to the incoming header name. This means that an attacker can set the "HTTP_PROXY" environment variable for a vulnerable application by sending a "PROXY" HTTP header.
I am excited to attend American Banker's new conference, Cybersec 2016 in NYC on July 19. This is a new conference for American Banker and it is bringing together some great speakers from USAA, Bank of the West, BBVA and many other innovative financial institutions. I am particularly looking forward to hearing Frank Abagnale speak - I really enjoyed his book "Catch Me if You Can"!
In short, most likely.
Bots have become a hot topic with many retailers lately as security has become a higher priority. Malicious bots can be part of a Distributed Denial of Service (DDoS) attack or efforts to extract valuable customer data, or both.
It is interesting to see how fiction can affect our judgement or, at least, our opinions. Below, what you have is an excerpt (the first chapter) of a draft of a novel that I have come across and made me think a lot. Bear with me: read this entire article and then come back to this post. If nothing else, you may enjoy 4 minutes of literature.
I was on a flight to Brazil last night to kick off a week of meetings with partners and customers in Latin America. During the eight-and-a-half-hour flight from Atlanta, I got an opportunity to watch a few movies I've been meaning to catch up on, and on the top of the list was Steve Jobs. There's a scene near the end of the movie where Steve is trying to recruit John Sculley, the CEO of Pepsi, to join Apple as their new CEO. Steve Jobs' winning pitch was that his vision for the Macintosh will be the equivalent of a bicycle for our minds.
I am scheduled to give a security talk next week at the Gartner Security Summit entitled: Web Application Defender's Field Report. In the talk, I will be covering statistics and technical details of web application attacks from our just released State of the Internet (SOTI) Report for Q1 2016. One of the more interesting details of the report centers around the analysis of massive Account Takeover (ATO) attack campaigns that targeted two of our customers.