What Anthropic’s Mythos Means for the Future of Cybersecurity

Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without expert guidance. These were vulnerabilities in key software like operating systems and internet infrastructure tha...

What the Huge AWS Outage Reveals About the Internet

Amazon Web Services experienced DNS resolution issues on Monday morning, taking down wide swaths of the web—and highlighting a long-standing weakness in the internet's infrastructure...

Why DNS Security Is Your First Defense Against Cyber Attacks?

In today's cybersecurity landscape, much of the focus is placed on firewalls, antivirus software, and endpoint detection. While these tools are essential, one critical layer often goes overlooked: the Domain Name System DNS. As the starting point of nearly every online interaction, DNS is not onl...

Cloudflare Mitigates Record Breaking 3.8 Tbps DDoS Attack

Internet infrastructure provider Cloudflare fends off a massive 3.8 Tbps DDoS attack, surpassing the previous record. Learn how…...

The CrowdStrike Outage and Market-Driven Brittleness

Fridays massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. Nearly 7,000 flights were canceled. It took down 911 systems and factories, courthouses, and television stations. Tallying the total cost will take time. The...

Cloudflare Takes a Stab at a Captcha That Doesn’t Suck

The internet infrastructure company has an alternative tool to check whether you’re human—and it doesn’t force you to pick out buses in tiny boxes...

Cloudflare Is Taking a Shot at Email Security

The internet infrastructure company wants to protect your inbox from targeted threats, starting with the launch of two new tools...

Russia’s SolarWinds Attack and Software Security

The information that is emerging about Russias extensive cyberintelligence operation against the United States and other countries should be increasingly alarming to the public. The magnitude of the hacking, now believed to have affected more than 250 federal agencies and businesses -- ­primarily...

SQL Injection Vulnerability in Rui Jiang Cloud Hyperconverged Computing Platform

Guangdong Ruijiang Cloud Computing Co., Ltd. is a leading Internet infrastructure service provider in China, which is committed to providing professional Internet Data Center IDC, Cloud Computing private cloud solution and public cloud cloud platform and overall solutions for industry application...

Akamai Edge Cloud: Scaling IoT, Part 1

The Internet of Things IoT ecosystem is an exciting emerging market that is disrupting the way we design infrastructure to support businesses. Smart devices, homes, cities, cars, and automation supporting the Industry 4.0 industrial revolution are all placing new demands on existing internet...

Cloudflare CEO Matthew Prince on the Struggles of Policing the Web

At WIRED25 the internet infrastructure chief talks about doing the hard calculus of pulling support from controversial sites—and why that’ll happen again...

Architecting DNS for DDoS Durability and Resilience

My business depends on my domain name being 100% available. How do I ensure my domain name is durable to attack and resilient during Internet stress? After many years of hard work from many Internet engineers and system administrators, Akamai Technologies has been working towards DNS infrastructu...

GoDaddy Leaks ‘Map of the Internet’ via Amazon S3 Cloud Bucket Misconfig

UPDATE GoDaddy, the world’s largest domain name registrar, has exposed high-level configuration information for tens of thousands of systems and competitively sensitive pricing options for running those systems in Amazon AWS, thanks to yet another cloud storage misconfiguration. The documents wer...

Memcached Servers Abused for Massive Amplification DDoS Attacks

Cybercriminals have figured out a way to abuse widely-used Memcached servers to launch over 51,000 times powerful DDoS attacks than their original strength, which could result in knocking down of major websites and Internet infrastructure. In recent days, security researchers at Cloudflare, Arbor...

Three Hackers Plead Guilty to Creating IoT-based Mirai DDoS Botnet

The U.S. federal officials have arrested three hackers who have pleaded guilty to computer-crimes charges for creating and distributing Mirai botnet that crippled some of the world's biggest and most popular websites by launching the massive DDoS attacks last year. According to the federal court...

AnswerX - Akamai's 'Secret' DNS Platform

As I work with Operators all over the world, I'm amazed at two worrying. First, Operators are still treating DNS as an afterthought. Everyone knows that if DNS is down, the network is down. Too many people are taking DNS's resiliency for granted. DNS "just works" is assumed to be norm until it do...

Internet Bug Bounty: Mercurial can be tricked into granting authorized users access to the Python debugger

I reported this bug privately to Mercurial and they produced an out of band release to fix the bug here: https://www.mercurial-scm.org/wiki/WhatsNewMercurial4.1.3.282017-4-18.29 I produced a very detailed proof of concept with a Metasploit exploit module, which can be seen publicly here:...

Windows Botnet Spreading Mirai Variant

A Chinese-speaking attacker is spreading a Mirai variant from a repurposed Windows-based botnet. Researchers at Kaspersky Lab published a report today, and said the code was written by an experienced developer who also built in the capability to spread the IoT malware to Linux machines under...

Inside North Korea's Naenara Browser

Up until a few weeks ago, the number of people outside of North Korea who gave much thought to the Internet infrastructure in that country was vanishingly small. But the speculation about the Sony hack has fixed that, and now a security researcher has taken a hard look at the national browser use...

Securing an Internet Made From 'Duck Tape and Baling Wire'

LAS VEGAS–The Internet that we use today was not designed as a cohesive network. It was put together from found bits and pieces over the course of the last few decades, and, as major bugs such as Heartbleed and others have shown, it’s a frighteningly fragile construction. Attackers know this as...