Explore three ways healthcare organizations can boost cybersecurity, critical infrastructure, and ransomware protection to prepare for potential cyberthreats.
Phishing is not a new security problem. In fact, it?s been around since the earliest days of email when most users received numerous emails from African kings or other high-ranking officials who promised them great riches if they simply provided their bank account details. Things have changed a lot since then.
WAF Attacks have been increasing dramatically over the last 9 months. These attacks cut across industries, geos and customers. Growth has largely been driven by Local File Inclusion (lfi) attacks, which took the lead from SQL Injection attacks in early 2021 before just taking off in the fall.
Talking about secure networks is like talking about safe pools. A pool is just a body of water, and if it has enough water to swim in, then it has more than enough water to drown in. A pool is inherently unsafe. We, therefore, take care in how we use a pool: We don?t swim alone; we don?t run around the pool; we don?t dive in the shallow end; and we don?t swim less than 15 minutes after eating. (Is that 15-minute rule still a thing?) These pool-safety policies ensure that our use of the pool is as safe as possible, but they do not make the pool safe in and of itself.
Today, technology is infused into nearly everything we do. The data behind personalized recommendations, connected devices, and wearables has changed how we engage with the world around us ? whether we?re driving to a new destination, purchasing from a new retailer, or monitoring our health.
It?s all too common that IT security tools and practices come at the cost of productivity. Even physical security has this trade-off. There would be no rush to arrive at the airport an hour early if it weren?t for the extensive security measures that flying entails. As a result of this trade-off, our concern often isn?t if we can increase security in our networks ? rather, it?s if the increased security is worth the impact on the business.
We have big news this month. You may have already heard that we acquired Linode, creating the world?s most distributed compute platform. In addition, we have release announcements and new developer content to share with you!
With web applications under increased attacks, Akamai has analyzed data points for web application firewall (WAF) multi-vector and DDoS attacks between April 2021 and March 2022 to determine the severity of the situation in Australia.
Based in Covent Garden, London, the Royal Opera House brings together the world?s most extraordinary artists to share live, streamed, and broadcast events and performances. We?re delighted that this iconic British institution has chosen to work with Akamai to bring its fantastic productions to the big screen.
For many people, ?building at the edge? may conjure fantastical images of nearly sci-fi?like computational power embedded on devices all around us, crunching massive volumes of data. We?re getting there. Today?s reality is that more workloads are moving to the edge to take advantage of the benefits, but many are still too resource-intensive to be feasible. For the workloads that can be moved, the results can lead to transformational digital experiences for users and developers alike.
Oftentimes, organizations view supply chains as an extension of their own business and require suppliers to adhere to codes of conduct, efficiency standards, and more. Today, this has expanded to environmental sustainability goals as well. Companies understand that the environmental impact of their economic activity is not limited to their direct operations. It?s integral to look beyond direct emissions and risks to the entire value chain.
Although we?ve made significant progress as a community in this regard, there are still instances in which the outcome of DNS spoofing attacks can go undetected. In this article, we describe a DNS spoofing attack that goes unnoticed by users.
WorldMatch, a games and content provider for global markets, collaborates with some of the biggest international casinos. Headquartered in Italy and in operation since 2003, the gaming provider boasts a portfolio of more than 200 games, 160 slot machines with 70 game engines, 30 table games, and all types of video poker. We?re delighted that this innovative company has chosen to work with Akamai to deliver a picture-perfect experience for their customers via the services provider, Criticalcase.
Microsoft?s April 2022 Patch Tuesday introduced patches to more than a hundred new vulnerabilities in various components. Three critical vulnerabilities were found and patched in Windows RPC (Remote Procedure Call) runtime:
CVE-2022-24492 and CVE-2022-24528 (discovered by Yuki Chen with Cyber KunLun)
CVE-2022-26809 (discovered by BugHunter010 with Kunlun)
Obviously we?re proud to be a leader. Bot management is a contact sport, where being great is a requirement if you want to stop the persistent adversarial bots. So it?s rewarding to be recognized for the work we?re doing keeping the bad bots away from our customers? digital businesses.
Protecting sensitive information is a recurring and widely known concern in the security community. As researchers, we know all too well how information can be used maliciously (I mean, come on ? it?s our job). Considering the size of the threat vector that is LFI, it?s something that developers and security professionals alike need to be aware of.
Just three weeks have gone by since Akamai officially welcomed Linode into our fold, and I?m encouraged by the excitement that so many have expressed about the combination of our two companies since we announced the acquisition in February. In conversations with us, industry analysts use the word ?transformational? to sum up the potential impact of our merger on the marketplace.
Conti is a notorious ransomware group that targets high-revenue organizations. They were first detected in 2020, and appear to be based in Russia. It is believed that the group is the successor to Ryuk ransomware group. According to Chainalysis, The ransomware group was the highest grossing of all ransomware groups in 2021, with an estimated revenue of at least 180 million dollars.
Although Spring Cloud Functions are not as widespread as the Log4j library, and should provide a good separation from the hosting server, some draw the line between the two, due to the ease of exploitation over HTTP/s. This new vulnerability will definitely result in many threat actors launching campaigns for crypto-mining, ddos, ransomware, and as a golden ticket to break into organizations for the next years to come.
Akamai Threat Research Team
Checked
14 hours 42 minutes ago
Visit the Akamai Blog to learn more about what's going on in cybersecurity. Learn about our products and how we provide solutions to our customers.