The Akamai Blog

Recently, there has been a plethora of UPX packed crypto-mining malware written in Golang targeting Linux systems and web applications popping up in the news. The malware?s primary tactic is to spread by taking advantage of vulnerable systems and weak administrative credentials. Once they?ve been infected, these systems are then used to mine cryptocurrency. I?ve named the sample I examined for this post ?Capoae,? based on the code?s output to my terminal.

Recently Atlassian has disclosed a critical RCE (Remote Code Execution) vulnerability in its Confluence server and Data Center products (CVE-2021-26084), which might allow unauthenticated users to execute arbitrary code on vulnerable servers.

The Technical Enablement and Education team, part of Akamai?s Global Services organization, has won a coveted Brandon Hall Group Gold award for ?Best Customer Training Program,? for Akamai?s flagship customer training and enablement program, Akamai University.

I?m excited to announce our new all-inclusive Learning Hub as the single destination for all product learning resources at Akamai. This new Hub gives users the ability to choose the method of learning that suits them best, whether that?s reading through technical documentation, exploring our on-demand elearning modules and hands-on labs, or joining a community discussion.

In case you haven?t already been working with EdgeWorkers, it allows you to run JavaScript code across more than 4,200 locations for proximity to users and fast application response times. With more and more application functionality moving to the edge, it?s increasingly important to ensure that each function is doing what it needs to do. A unit test runs code over each segment of your program, checking the input and output. These tests allow developers to check individual areas of a program to see where (and why) errors are occurring. Several frameworks allow you to easily run your tests, including popular frameworks like Jest, Mocha, Jasmine, and Cypress.

Welcome back to the Holiday Readiness blog series. We hope part one has kept you busy over the past month as you continue to improve your security posture. If you haven?t finished all of the security checklist items, don?t worry ? there is still time before Black Friday and Cyber Monday.

Passwords are the bane of users and security teams? lives. Despite years of security teams educating users about not using 123456 as a password, not recycling passwords across multiple personal and professional accounts, and implementing even more rigorous password rules and investments in password manager tools, these combinations of letters, numbers, and special characters remain a rich target for attackers.

Researching malware has many challenges. One of those challenges is obfuscated code and intentionally corrupted binaries. To address challenges like this, we've written a small tool in C that could fix intentionally corrupted binaries automatically. We also plan to open-source the project so other researchers could use it too, and perhaps improve and expand upon the tool's capabilities as needed.

With DDoS, we typically observe a moderate degree of attacker persistence. DDoS attacks are relatively easy to launch from a number of online booter services, and the availability of cryptocurrencies for payment has made it easy to remain anonymous. Attackers can try their hand at DDoS for little effort and money, and in relative safety. They give it a go, try a few things (vector, endpoint, and scale changes), and for those with effective defenses, the attacker eventually burns out.

With 35 medals at stake, the last full day of competition during the games in Tokyo generated the highest video streaming traffic for 30-plus customers on the Akamai Intelligent Edge Platform. Medal matches for baseball, basketball, and soccer, along with several track and field finals, drove related traffic to 10 Tbps on Saturday, August 7.

HTTP Request Smuggling (also known as an HTTP Desync Attack) has experienced a resurgence in security research recently, thanks in large part to the outstanding work by security researcher James Kettle. His 2019 Blackhat presentation on HTTP Desync attacks exposed vulnerabilities with different implementations of the HTTP Standards, particularly within proxy servers and Content Delivery Networks (CDNs).These implementation differences with regard to how proxy servers interpret the construction of web requests have led to new request smuggling vulnerabilities. (Direct link to information on new vulnerability).

Within hours from the moment our in-house built fuzzer, hAFL1, started running ? it found a critical, CVSS 9.9 RCE vulnerability in Hyper-V?s virtual driver.

As I began my CSR Co-op position this year, I wanted to see up-close how a corporate foundation works. What I've found is that the work the Akamai Foundation does around the world is inspiring! Whether it's partnering with STEM educators, responding to the COVID-19 crisis, planning employee volunteerism efforts, or creating a hardship fund to support our community, what we do here has a positive impact across the globe. And, thanks to this co-op opportunity, I've been able to play a real part in driving this impact forward.

For more than 20 years, Akamai has worked very hard to earn the trust and confidence of our customers and partners by developing services that can be relied upon to be available and secure at all times.

The beginning of August is upon us, and if you haven?t already started thinking about the busiest time of the year, now is a good time to do so. Whether you?re an experienced veteran of managing peak traffic or new to the game, Q4 can bring surprises when it comes to performance and security. And while it?s nearly impossible to prepare for every situation, there are a number of options and solutions available at Akamai to help manage the surge of traffic (both good and bad) that will be hitting the retail industry during the holiday season, especially on Black Friday and Cyber Monday.

Maybe you?ve just found out that your company?s IT organization is implementing Zero Trust. Does that mean they don?t trust you? ?Zero Trust? sure sounds that way. Maybe you?ve read about it online or heard somebody talk about it in terms that equate Zero Trust with the idea that users and devices are never trusted.

Guardicore Labs, in collaboration with SafeBreach Labs, found a critical vulnerability in Hyper-V?s virtual network switch driver (vmswitch.sys).

Akamai engineering has adopted new technology concepts to enhance and expand routing capabilities at the edge. Previously, Akamai?s traffic-steering capabilities were mainly focused on DNS-based routing. In this article, we would like to give you an in-depth look at how Akamai has embraced new routing technology concepts and merged them into the Akamai edge to enhance routing capabilities, provide faster and better traffic steering, and offer even better performance.

With the transition to remote work, we often hear the term remote access used in unison. Typically, remote work application access is facilitated via a remote access mechanism and, presumably, local work application access is facilitated via a local access mechanism. But I argue that this connection does not really hold true. Sure, remote work does require the use of a remote access mechanism, but the mechanism can and should also be used for local work. There's really no such thing as local access.

If I had a dollar for every time I heard the phrase ?digital transformation,? I would have a lot of dollars. I?m sure you would too. We?d have even more if we counted the term ?Zero Trust.? (Maybe we should start counting them, now that I think about it!)