Web Application and API Protection -- From SQL Injection to Magecart
SQL injections were first discovered in 1998, and over 20 years later, they remain an unsolved challenge and an ongoing threat for every web application and API. The Open Web Application Security Project (OWASP) highlighted injection flaws in its Top 10 lists for both web application security risks...
Authentication: Lessons Learned from Microsoft Exchange and F5 BIG-IP Hacks
The past month has been a very dynamic time in the world of security for hackers and threat researchers, but it has been an extended nightmare for CSOs responsible for securing their enterprise networks. For starters, on-premises Microsoft Exchange servers were attacked in droves after a set of...
What makes a good "DNS Blacklist"? - Part 2
In "What makes a good 'DNS Blacklist'? - Part 1", we explored the background and factors that have gone into Akamai's thinking behind new security products like Enterprise Threat Protector (ETP). This article continues with a list of factors and questions to ask any DNS threat feed provider, includi...
How Akamai Can Help You Fight the Latest Exploitation Attempts Against Microsoft Exchange
Co-authored by Ryan Barnett. AppSec Protections for Microsoft Exchange CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065 On March 2, 2021, the Microsoft Security Response Center alerted its customers to several critical security updates to Microsoft Exchange Server, addressing...
Microsoft Exchange and Verkada Hacks: Isolate Your Apps and APIs from the Internet Cesspool
It's been an interesting start to March in terms of public security incidents. This month kicked off with multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server. And, as if that wasn't enough, that attack was quickly followed by the news that a hacktivis...
Spring Cloud Function SpEL Injection (CVE-2022-22963) Exploited in the Wild
Although Spring Cloud Function is not as widespread as the Log4j library, and should provide good separation from the hosting server, some draw a parallel between the two because of the ease of exploitation over HTTP/S. This new vulnerability will definitely result in many threat actors launching...
DNSSEC: How It Works & Key Considerations
From its beginnings as a replacement for a centralized database, the Domain Name System (DNS) has evolved into a dynamic, highly distributed, question-answer protocol. The proverbial "phone book of the internet" has increased in complexity and scale alongside the rapid growth of the World Wide Web...
Launching a New Game Studio and Planning for Growth
So, you're starting your own game studio. This is an incredible opportunity! You and your team get to start fresh and build the game of your dreams! But, let's be honest, if you have just founded your own game studio, odds are that you're not a technical architect. You may have some technical...
Akamai Protects Against the Atlassian Confluence 0-Day (CVE-2022-26134)
Atlassian has released a security advisory to address a remote code execution vulnerability CVE-2022-26134 that’s affecting Confluence Server and Data Center products...
CISA Emergency Directive 21-03: VPN Vulnerabilities Actively Exploited
On April 20, 2021, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency CISA released an alert on the exploitation of Pulse Connect Secure Vulnerabilities with Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities, as well as Emergency Directive ED...
Verify JWT With JSON Web Key Set (JWKS) in API Gateway
JSON Web Tokens (JWT) use digital signatures to establish the authenticity of the data they contain, as well as authenticating the identity of the signer. A valid signature check ensures that any party can rely on the contents and the signatory of the JWT. This is typically accomplished by using an...
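The verification flow that a gateway performs against a JWKS, as an added example that is not code from the Akamai post: look up the signing key by the token's `kid`, enforce an algorithm allow-list before trusting anything in the header, verify the signature over the exact bytes received, then check the `exp` and `aud` claims. To keep it runnable with only the Python standard library it uses a symmetric HS256 key (JWK type `oct`); the JWKS, the secret, the `kid` value and the audience string are all constructed for the example, and a real gateway would fetch the key set from the issuer's `jwks_uri` and pin RS256/ES256 keys instead.

```python
"""Verify a JWT against a JSON Web Key Set (example code, stdlib only).

The JWKS and secret below are constructed for this example; the checks
(alg allow-list, kid lookup, signature, exp, aud) are the ones a gateway
performs regardless of key type.
"""
import base64
import hashlib
import hmac
import json
import time


def b64url_decode(s: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()


class JWTError(Exception):
    """Raised for any reason the token must be rejected."""


ALLOWED_ALGS = {"HS256"}          # never let the token header choose the algorithm

# Constructed demo secret and JWKS (assumed values, not a real issuer's keys).
SECRET = b"constructed-demo-secret-0123456789"
JWKS = {"keys": [
    {"kty": "oct", "kid": "2021-03-key", "alg": "HS256", "k": b64url_encode(SECRET)},
]}


def sign(claims: dict, kid: str, key: bytes, alg: str = "HS256") -> str:
    """Mint an HS256 token (the issuer side), used here to build test inputs."""
    header = {"alg": alg, "typ": "JWT", "kid": kid}
    segments = [b64url_encode(json.dumps(x, separators=(",", ":")).encode())
                for x in (header, claims)]
    signing_input = ".".join(segments)
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


def verify(token: str, jwks: dict, audience: str, now=None) -> dict:
    """Return the verified claims, or raise JWTError."""
    now = time.time() if now is None else now
    try:
        h_b64, p_b64, s_b64 = token.split(".")
    except ValueError:
        raise JWTError("malformed token")
    header = json.loads(b64url_decode(h_b64))
    # 1. Algorithm allow-list first: blocks "none" and algorithm-confusion tricks.
    if header.get("alg") not in ALLOWED_ALGS:
        raise JWTError(f"algorithm not allowed: {header.get('alg')}")
    # 2. Key lookup by kid; the JWK's own alg/kty must agree with the header.
    key = next((k for k in jwks["keys"] if k.get("kid") == header.get("kid")), None)
    if key is None:
        raise JWTError("unknown kid")
    if key.get("alg") != header["alg"] or key.get("kty") != "oct":
        raise JWTError("key/alg mismatch")
    # 3. Signature over the exact header.payload bytes received, compared in constant time.
    expected = hmac.new(b64url_decode(key["k"]), f"{h_b64}.{p_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(s_b64)):
        raise JWTError("bad signature")
    # 4. Claims are only parsed after the signature holds.
    claims = json.loads(b64url_decode(p_b64))
    if "exp" not in claims or now >= claims["exp"]:
        raise JWTError("token expired")
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise JWTError("audience mismatch")
    return claims


def verify_status(token: str, jwks: dict, audience: str, now=None) -> str:
    """'ok' on success, otherwise the rejection reason (what a gateway would log)."""
    try:
        verify(token, jwks, audience, now)
        return "ok"
    except (JWTError, ValueError) as e:   # base64/JSON decode errors are ValueErrors
        return str(e)


if __name__ == "__main__":
    tok = sign({"sub": "alice", "aud": "api", "exp": 2000}, "2021-03-key", SECRET)
    print(verify_status(tok, JWKS, "api", now=1000))
    print(verify_status(tok, JWKS, "api", now=3000))
```

The order of the checks matters: the algorithm is validated before the key is fetched, and the payload is never parsed until the signature has been confirmed, so an attacker-controlled token cannot steer key selection or claim handling. With asymmetric keys the only changes are the allow-list (`RS256`/`ES256`), the `kty` check (`RSA`/`EC`) and the signature primitive; the `kid` lookup and claim checks stay the same, and an unknown `kid` is the usual trigger for re-fetching the JWKS to pick up a rotated key.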
Linux Kernel TCP Vulnerability
On the week of July 15th, researcher Juha-Matti Tilli disclosed a vulnerability he discovered in the Linux kernel to the kernel maintainers, the National Cyber Security Centre - Finland (NCSC-FI), the CERT Coordination Center (CERT/CC), and Akamai. The vulnerability, CVE-2018-5390, is a resource exhaustio...
Intercept SaaS Services with the Akamai EAA Client
I was quite fortunate to visit Tokyo for the first time last year, and it was an unforgettable experience to explore all the sights and sounds around the Ginza district and to interact with the very friendly Japanese people. It wasn't all play, though -- and I had to get some real work done as...
Enhancing video streaming quality for ExoPlayer - Part 1: Quality of User Experience Metrics
Authors: Mark Greve, Domițian Tămaș-Selicean The online video player landscape is fragmented with a wide variety of players across a mix of popular platforms. In the world of HTML5-video players in browsers, there are a number of open-source solutions e.g., hls.js, dash.js, Shaka Player, as well ...
Watermarking: A Content Owner's Mark to Prevent Piracy
Akamai Adds Edge Based Watermarking Support, Pre Integrated with leading 3rd Party Providers ... State of Online Piracy within Media and Entertainment Revenue losses and lost monetization opportunities by virtue of content theft and piracy continue to plague the media and entertainment industry...
Anyone For a Smart Network Slice?
As with any standardization effort, development of 5G specifications accounted for numerous technology trends and new use cases. Network functions were designed for virtualization and automation to enhance operational efficiency and agility. At the same time, smart devices were in the midst of a...
All Access Is (or Should Be) Remote Access
With the transition to remote work, we often hear the term remote access used in unison. Typically, remote work application access is facilitated via a remote access mechanism and, presumably, local work application access is facilitated via a local access mechanism. But I argue that this...
CVE-2021-44228 - Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)
See how Akamai helped customers defend against a critical unauthenticated remote code execution (RCE) vulnerability in the open-source logging library Log4j and reduce their exposure...
Akamai’s Response to Zero-Day Vulnerabilities in Microsoft Exchange Server (CVE-2022-41040 and CVE-2022-41082)
Akamai Security Research has released web application firewall protections for Microsoft Exchange CVE-2022-41040 and CVE-2022-41082...
SAML Implementation Vulnerability Impacting Some Akamai Services
This blog post provides an overview of a vulnerability discovered in Akamai's Enterprise Application Access (EAA) product, which has been patched. This vulnerability could have allowed an actor to impersonate an authorized user when interacting with an application that used Security Assertion Markup...
Access Revocation: A Content Provider's Tool to Block Pirates in Real time
Akamai Announces New Capability to Allow Content Providers to Shut Down Sources of Piracy ... The Growth of Global Online Video Consumption and Piracy Media and entertainment companies, including content owners and over-the-top (OTT) service providers, are living in an era that provides them an...
How the Edge Improves Microservices
Microservice architecture has transformed the way we develop and operate our applications. Microservices aren't a technology or a programming language. Instead, they create a structure for designing and building applications based on the idea that the individual functions of a website should...
Larry's Cabinet of Web Vulnerability Curiosities
One of my responsibilities as a member of the Akamai Security Intelligence Response Team (SIRT) is to research new web application vulnerabilities. For the last year, I have focused on WordPress plugin vulnerabilities, looking for any interesting code tidbits in my box of WordPress toys. There...
Holiday Readiness: What You Should Be Thinking About Four Months Out
Written by: Michael Hansen This is a blog series about Akamai solutions that can help you manage the surge of traffic (both good and bad) that will be hitting the retail industry during the holiday season. The beginning of August is upon us, and if you haven't already started thinking about the...
Christmas Day was Quiet for Online Retailers But Picked Up Immediately on Boxing Day
Christmas Holiday Retail Sales In early November, eMarketer forecast that the 2018 U.S. online retail holiday sales would be $106 billion, a healthy increase of 16.6% over 2017. The Black Friday & Cyber Monday sales results confirmed that optimistic forecast with a combined total of nearly $14b i...
Better Real User Monitoring with BoomerangJS and Akamai mPulse
In this blog, we'll walk through a few different snippet insertion methods and available optimizations. Akamai's real user monitoring (RUM) solution, mPulse, uses a bit of JavaScript code (an mPulse snippet) and the BoomerangJS library to collect performance data from a user's Web browser. However, t...
Critical Remote Code Execution Vulnerabilities in Windows RPC Runtime
Microsoft's April 2022 Patch Tuesday introduced patches for more than a hundred new vulnerabilities in various components. Three critical vulnerabilities were found and patched in the Windows RPC (Remote Procedure Call) runtime: CVE-2022-24492 and CVE-2022-24528, discovered by Yuki Chen with Cyber KunLun...
March 2020 -- Akamai Edge Security: Leader in Five Forrester Wave Reports
Forrester has named Akamai a Leader in five different Wave and New Wave reports. This significant achievement reflects the strength of Akamai's intelligent edge platform for securing and delivering digital experiences across our entire security portfolio. Forrester Wave Leaders are the top vendor...
CVE-2022-30216 - Authentication coercion of the Windows "Server" service
In this blog, see how an off-by-one error in the Windows "Server" service could lead to domain controller access...
But We Have an Email Gateway...
In my previous phishing blogs, I wrote about the evolution of phishing and the industrialization of phishing that's being driven by the availability and low cost of toolkits. In this blog post, I'm going to provide more information about emerging phishing attack vectors and how cybercriminals are...
Zero Trust Security Architectures - Akamai's Approach
This is Part 5 of a 5-part blog series. Jump to Part 1: Introduction Jump to Part 2: Network Micro-Segmentation Jump to Part 3: Software Defined Perimeter Jump to Part 4: Identity Aware Proxy Introduction In the first part of this blog series, we covered an overview of zero trust architecture...
Protecting your Domain Names: Taking the First Steps
Everyone and everything on the Internet depends on the Domain Name System (DNS) being functional. The DNS has been a common vector for attacks in recent years, and 2019 seems to be no different. Many of these attacks have goals far more sinister than simply taking a company offline or defacing a...
Going Beyond Advertising: Revenue Diversification in Publishing
The pandemic has had a profound short-term effect on publishers around the world -- a jump in readership somewhat dampened by disappearing advertising revenue. In many media firms, the digital channel has become most important, accelerating the move to digital while also highlighting the fragilit...
Securing Social / Locking Login / Armoring Authentication
Authentication might be the single biggest hazard for web security over the next decade. It's not that the fundamentals of authentication are particularly challenging; we've understood the basic principles behind password management, push-based authorization, and device certificates for some time...
Geolocation and DNS Traffic Management
What is GTM? Global Traffic Management, or GTM, is a DNS-based load balancing service that offers application owners a level of flexibility and insight that is unmatched by traditional on-prem solutions. Highly scalable and fault-resilient, GTM offers customers a layer of abstraction between...
Akamai Load Balancing to Lock-in Quality
The Right Service from the Right Edge at the Right Time Introduction As Akamai's Global Traffic Management for Cloud, Data Centers and CDNs blog introduces, Akamai's Intelligent Edge™ platform includes DNS and Layer 7 load balancing capabilities that combine to get users to the right edge at the...
Linux Kernel IP Vulnerability 2
On the week of July 15th, researcher Juha-Matti Tilli disclosed a vulnerability in the Linux kernel to the kernel maintainers, the National Cyber Security Centre - Finland (NCSC-FI), the CERT Coordination Center (CERT/CC), and Akamai. The vulnerability, CVE-2018-5391, is a resource exhaustion attack...
CVE-2021-44228 - Patching is Recommended for Evolving Zero Day Vulnerability in Apache Log4j that allows remote code execution (RCE)
Akamai has been monitoring the rapidly evolving developments of CVE-2021-44228. We have been working closely with our customers and internal application teams to mitigate the risks posed by the threat of unauthorized remote code execution. This includes deploying an update to our existing Apache...
Mitigating CVE-2021-41773: Apache HTTP Server Path Traversal
On September 29, Ash Daulton, along with the cPanel Security Team, reported a path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 to the Apache security team. The issue was fixed within two days, under CVE-2021-41773, and the patch was released on October 4. Apache urged...
Confluence Server Webwork OGNL Injection (CVE-2021-26084): How Akamai Helps You Protect Against Zero-Day Attacks
Recently, Atlassian disclosed a critical RCE (Remote Code Execution) vulnerability in its Confluence Server and Data Center products, CVE-2021-26084, which might allow unauthenticated users to execute arbitrary code on vulnerable servers...
October 2019 - What's New in Web Performance?
Today, Akamai announced the October 2019 Release, which introduces new capabilities to the Performance product line with a focus on helping customers deliver superior experiences with the power of the Edge. Here are some highlights from the release with additional detail below. EdgeWorkers enable...
Quickly Extend Live Streams with VOD Clipping
Time is always of the essence to extend compelling video content such as sporting events and concerts and make the most of media rights windows. This is especially true for catch-up TV, highlight creation, time-shifting 24/7 simulcast streams, and social sharing. At Akamai, we are continually...
Pixel Perfect. Enhanced Optimizations Focused on Customer Experience
I remember the days when brands captivated users online with dancing aliens (LowerMyBills.com) and Elf Yourself advertising campaigns (OfficeMax). In this new digital era, however, customers are smarter, more powerful, and dictate more than ever how and when they interact with brands. More important...
Quick Retry: Per Request Route Optimization to Reduce Video Rebuffer Rates
A slow response can wreck an otherwise perfect video playback experience. At least, that is what data shows when it comes to streaming high quality video content to any device, anywhere in the world. While there is no way to control when a slow response will happen, Akamai can offer an alternativ...
Faster On-Boarding for Performance and Security Products
As part of our October release, we are making our onboarding experience much faster and simpler. These benefits are extended to new customers looking to onboard and protect new hostnames on Akamai - as well as existing customers looking to spin up, test, and protect new functionality within their...
Emotet: A Year in the Life of a Malware
Overview Emotet malware has been around since 2014, but 2020 saw a resurgence of attacks. In September 2020, Emotet affected 14% of organizations worldwide. So, what is Emotet? And why is it so dangerous? Emotet is a sophisticated trojan that is most commonly used as a dropper for other malware...
Optimizing Video Streaming Performance with Origin-Assisted Prefetching
Online video streaming is everywhere today. It's available on the smallest hand-held devices to the largest of screens in our living rooms. Magically and for the most part, it works and provides a very captivating experience. However, if you step back to look at the overall architecture, media...
Broadcast Operations Control Center (BOCC): Enabling OTT Broadcast Operations
So, what is the BOCC? Simply put, Akamai runs a state-of-the-art Broadcast Operations Control Centre, the BOCC, to help ensure a smooth and seamless end-user playback experience for live OTT (Over the Top) and linear video delivered through Akamai Media Delivery Solutions. To phrase it more...
WordPress DoS Attack: CVE-2018-6389
Overview On February 5, an Israeli security researcher, Barak Tawily, discovered a Denial of Service (DoS) attack impacting all 3.x-4.x versions of the WordPress content management platform. The vulnerability is currently unpatched and relies on a performance boosting feature in WordPress allowing...
Serverless Storage at the Edge (EdgeKV Beta)
We are pleased to announce the launch of EdgeKV, our distributed key-value store, into beta! EdgeKV is enabling technology for EdgeWorkers, our serverless computing platform that enables developers to create services using JavaScript and deploy them across our platform. When writing JavaScript,...