The Akamai Blog

Unfortunately, today's sophisticated web application threats have gained some advantages over typical WAFs: Favorable odds -- WAFs must correctly identify attacks 100% of the time, whereas attackers have the luxury of only needing to find a single bypass or evasion Temporary fixes -- Many WAFs use a "whack-a-mole" response tactic by only denying the individual attack request, allowing the attacker to make repeated attempts Persistence -- If left unimpeded, attackers may eventually find some type of payload obfuscation that minimizes detection effectiveness The confluence of these advantages should concern WAF customers. Let's take a closer look at the typical web attacker methodology to see why.

The presence of public "over-the-top" DNS resolution alternatives is a strong motivator for internet service providers (ISPs) to invest in making their DNS resolution infrastructure the best that it can be. Resolvers are the glue that binds subscribers to their fixed and mobile broadband services.

2020 has shown both record-busting bps and pps attacks and the most prolific DDoS extortion campaign recorded by Akamai.

By Gal Bitensky, Executive Summary Link scanners are a critical component in multiple classes of security products including email security suites, websites that suggest direct inspection of a suspicious link, and others. Behind the scenes, these services use web clients...

2020 was a challenging year for many of us, as the COVID-19 pandemic disrupted life and introduced challenges in almost all elements of living. 2020 was also challenging from a cybersecurity point of view, as nearly the entire workforce moved...

In part 1 of this series, I drew the architectural distinction between a centralized cloud platform and a distributed edge network. This is an important foundation upon which to explain the difference between cloud computing and edge computing. The two serve very different and complementary purposes. However, in my experience, business leaders, product owners, and application developers often mistake them as competitive.

This is Part 2 of a 3-part blog series highlighting some of the distinguishing aspects of Akamai's DNS services, Edge DNS and Global Traffic Management.

This is Part 2 of a three-part blog series highlighting some of the distinguishing aspects of Akamai's Domain Name System (DNS) services, Edge DNS and Global Traffic Management.

This is Part 1 of a 3-part blog series highlighting some of the distinguishing aspects of Akamai's DNS services, Edge DNS and Global Traffic Management.

HTTP Adaptive Segmented (HAS) streaming began to be used at scale from 2008 to 2012, with the advent of Move Networks, Microsoft Smooth Streaming, Apple HLS, Adobe HDS, and MPEG DASH. With the typical 10s segment durations of the day, livestream latencies (measuring latency as the time from an action being filmed to that same action being displayed on a device's screen) remained in the 30s to 60s range, trailing broadcast by a significant degree.

Since mid-August, a variety of threat actors (and copycats alike) have been targeting organizations across all industries globally, threatening impending DDoS attacks unless Bitcoin is paid out. It's apparent, as the campaign rages on, that some businesses must be paying the extortion demands, -- incentivizing the criminal activity. Others are procuring emergency DDoS defenses in order to withstand bandwidth-busting attacks and keep internet-facing infrastructure protected. As highlighted in our last blog, we've been busy ramping customers on to our DDoS mitigation platforms for rapid protection before the threat actors strike again. And based on recent activity, they desire a rematch.

While recently looking over my honeypots, I discovered an infection where a malicious actor added a storefront on top of my existing WordPress installation. For background, this particular honeypot is a full instance of WordPress running on a Docker image....

When your customers create an account on your website or application, they are entrusting their valuable information with you in order to establish a relationship. To maintain that relationship, they need to have faith that you will protect their information.

Creating the world's best and most secure digital experience demands the very best industry talent. But as a responsible employer, we also understand how important it is to play our part in looking after those brilliant minds.

Human nature is to seek simpler and convenient ways to do things. One example is the sometimes onerous task of typing a URL into a web browser's address bar. Since users prefer short, easy-to-remember URLs, an internet trend is to use short domains for websites (e.g., edgedns.zone). With short website names, users benefit from the convenience of fewer characters to remember and type.

A new skimmer attack was discovered this week, targeting various online e-commerce sites built with different frameworks. As I write this blog post, the attack is still active and exfiltrating data.

Three years ago, I graduated with a bachelor's degree in Electronic Engineering (Mechatronic) from University Tun Hussein Onn Malaysia. I was to be an engineer in the oil and gas industry - but the universe had a better plan for me. Instead, I stepped into IT, providing Technical Support despite my lack of knowledge. I was struggling! But it was there that I found my passion.

In our previous blogs, first where we explained JavaScript Obfuscation techniques and introduced a detailed overview on how JavaScript is being used to obfuscate page content to make phishing attacks and other web scams as evasive as possible; followed by one where we took a deep dive to examine double JavaScript obfuscation techniques, presenting a tale of an obfuscated scam seen in the wild and showing how the same phishing campaign is using numerous obfuscation techniques in an attempt to remain hidden.