The Akamai Blog

Locking tokens to the client IP address might seem like a good way to prevent content theft, such as sharing of authenticated URLs that include tokens. It might even appear to work in small-scale test environments. However, the internet has evolved to a point where it’s quite common for clients to use multiple source IP addresses. This is especially true when a token is created by a server on one hostname (such as a CMS) but then validated by a server on another hostname, such as an Akamai edge server, when serving content.

We're pleased to announce the launch of Akamai’s brand-new documentation site: techdocs.akamai.com. Powered by ReadMe, our new site offers intuitive and interactive content designed to help you get the most out of your Akamai products.

All Americans, regardless of background or location, deserve a fast, safe, and reliable digital experience. Whether in Silicon Valley, rural Montana, or an underserved area in Chicago, entrepreneurs, businesses, and consumers should be on an equal footing online. Unfortunately, that is not the current reality, and the pandemic only amplified and exacerbated the existing digital divides we know so well.

FritzFrog is a peer-to-peer botnet, which means its command and control server is not limited to a single, centralized machine, but rather can be done from every machine in its distributed network. In other words, every host running the malware process becomes part of the network, and is capable of sending, receiving, and executing the commands to control machines in the network.

Hello, and welcome to our very first Developer Community update of 2022. In this new monthly series, we’ll share highlights of what is happening across the Akamai Developer Community. Since this is the first blog we’re posting, we will also catch up on news from October 2021 through today.

Universal Plug and Play (UPnP) is a widely used protocol with a decade-long history of flawed implementations across a wide range of consumer devices. In this paper, we will cover how these aws are still present on devices, how these vulnerabilities are actively being abused, and how a feature/vulnerability set that seems to be mostly forgotten could lead to continued problems in the future with DDoS, account takeover, and malware distribution.

UPnProxy is alive and well. There are 277,000 devices, out of a pool of 3.5 million, running vulnerable implementations of UPnP. Of those, Akamai can confirm that more than 45,000 have been compromised in a widely distributed UPnP NAT injection campaign.

Learn how Akamai’s Managed Content Protection offering helps combat and mitigate the growing effects of online piracy for Akamai customers.

Learn how Akamai?s Managed Content Protection offering helps combat and mitigate the growing effects of online piracy for Akamai customers.

Secure your workforce with the help of multi-factor authentication and Akamai's Zero Trust Network Access application in place of a virtual private network (VPN).

Akamai threat researchers tracked continuous cyberattack and crypto-phishing campaigns that took advantage of cryptocurrency-based scams.

Encrypting DNS servers is a necessary next step in web security to prevent sensitive materials from being breached, thus improving user privacy and security.

Threat Researcher Larry Cashdollar has discovered evidence of the Mirai botnet abusing Log4j vulnerability and shares code examples.

Read about strategies to help protect against new and more impactful security threats and vulnerabilities in Log4j from Akamai CTO Charlie Gero.

Learn about Discover and Announce, a 100% serverless application built on Akamai IoT Edge Connect, which can run entirely on the Akamai edge.

Akamai CTO Charlie Gero shows how the Log4j threat surface could extend to unpatchable embedded and IoT devices.

While containers offer speed and flexibility that have not been possible before in the data center, they are also exposed to security threats such as ransomware, cryptomining, and botnets.

Learn about the widely used Java-based logging library Log4j and how its vulnerability and other capabilities presented a major opportunity to attackers.