Search the Community
Showing results for tags 'akamai'.
Found 2 results
Researchers have uncovered a distributed denial-of-service (DDoS) attack campaign that takes advantage of Joomla servers with a vulnerable Google Maps plug-in installed. Akamai's Prolexic Security Engineering & Research Team (PLXsert) worked with PhishLabs' Research, Analysis, and Intelligence Division (R.A.I.D) to analyze malicious traffic coming from multiple Joomla websites, a threat advisory (PDF) issued Wednesday said. Through analysis, the teams found that attackers were able to use servers as DDoS zombies due to a vulnerability in a Google Maps plug-in that allows the plug-in to act as a proxy, masking the origin of DDoS attacks. “Attackers spoof the source of the request, causing the results to be sent from the proxy to someone else – their denial of service target,” a release from Akamai explained. This year, the company has observed eight Joomla-based DDoS attacks against its customer base, six of which were targeted at the education sector. PLXsert said that the DDoS attacks contained traffic signatures that matched sites known for providing DDoS-for-hire services, and that miscreants used attack tools, such as DAVOSET and UFONet, that have also been increasingly adapted by the DDoS-for-hire market. Researchers have observed the Joomla-based DDoS attacks since September, but believe the for-hire attacks are ongoing. In a Thursday interview with SCMagazine.com, Rod Soto, principal security researcher at PLXsert, said that reflection-based DDoS attacks, like those seen in this campaign, have become popular as they allow attackers to use the “path of least resistance.” In the last quarter of 2014, Akamai found that 39 percent of all DDoS traffic used reflection techniques, which amplified attacks while hiding attackers' identities. “For reflection attacks, it does not require the attacker to actually compromise the botnet [or abused hosts],” Soto said. “Most of them don't even realize they are being used as reflectors.” In addition to ensuring that plug-ins for content management systems (CMS), like Joomla or WordPress, are properly patched, Akamai provided other DDoS migration steps, such as blocking HTTP GET/1.0 request traffic if support for legacy clients isn't needed, and blocking HTTP requests with a PHP-based user-agent string, if they are not needed, the threat advisory said. The advisory also included three Snort rules, which match the DDoS attack variations Akamai detected in the campaign. Source
Content delivery network (CDN) specialist Akamai Technologies is acquiring Prolexic in a bid to extend its web optimization and security offerings. Prolexic is a natural extension for Akamai, as the hybrid CDN/security model has been on the rise. Akamai will acquire all of the outstanding equity of Prolexic in exchange for a net cash payment of approximately $370 million, after expected purchase price adjustments, plus the assumption of outstanding unvested options to purchase Prolexic stock. Prolexic gives Akamai (AKAM) further cloud-based security for protecting data centers and enterprise IP applications from distributed denial of service (DDoS) attacks. DDoS attacks can temporarily cripple a organization, preventing legitimate users from accessing a service. “Any company doing business on the Internet faces an evolving threat landscape of attacks aimed at disrupting operations, defacing the brand, or attempting to steal sensitive data and information,” said Tom Leighton, CEO of Akamai. “By joining forces with Prolexic, we intend to combine Akamai’s leading security and performance platform with Prolexic’s highly-regarded DDoS mitigation solutions for data center and enterprise applications protection. We believe that Prolexic’s solutions and team will help us achieve our goal of making the Internet fast, reliable, and secure.” Companies like CloudFlare that provide a hybrid of CDN and security services have captured a lot of the consumer market, and stand as a possible future threat to Akamai’s business. Akamai needs to evolve, and it is doing so here. Akamai is firmly rooted in the higher end of the market and will maintain its position by expanding its portfolio of security solutions, in addition to content delivery services. The acquisition means businesses can acquire performance and DDoS mitigation from a single vendor. “Today, business is defined by the availability, security and latency of Internet-facing applications, data and infrastructure,” said Scott Hammack, CEO at Prolexic, which has been a pioneer in DDoS defense. “Being able to rely on one provider for Internet performance and security greatly simplifies resolution of network availability issues and offers clients clear lines of accountability. We believe that, together, we will be able to deliver an unprecedented level of network visibility and protection.” Akamai intends to provide customers with a comprehensive portfolio of security solutions designed to defend an enterprise’s Web and IP infrastructure against application-layer, network-layer and data center attacks delivered via the Internet. Source: Akamai Acquires Prolexic to Protect Customers From DDoS Attacks | Data Center Knowledge