What do hay storage, Akamai?s Edge Connect solution, and machine learning have in common? We use the serverless machine learning system to keep our hay storage safe and secure.
Summary
Researchers at Claroty discovered 11 vulnerabilities in NagiosXI that, in combination, could be used to take over network infrastructure remotely. Updates to NagiosXI have been released to address the issues.
Overview
Eleven vulnerabilities in NagiosXI were discovered and disclosed by researchers at Claroty. These include remote code execution (RCE), server-side request forgery (SSRF), SQL injection, local privilege escalation (LPE), local file inclusion, open redirect, and path traversal vulnerabil
This week, Gartner released its new 2021 Magic Quadrant for Web Application and API Protection (WAAP) report, which replaces the Magic Quadrant for Web Application Firewalls (WAF) report, and Akamai has been named a Leader. Akamai was named a Leader in the four previous WAF Magic Quadrants.
The TCP three-way handshake is one of the critical building blocks of the internet. It facilitates the smooth and consistent flow of information across and among different networks without compromising security.
New to the scene, monster-sized botnet M?ris is raising some eyebrows with giant requests per second (rps) attacks as shared by Cloudflare (17.2M rps, reported August 19), Yandex (peaking at 21.8M rps on September 5), and KrebsOnSecurity (2M rps on September 9). Some commentary came in on Slashdot, The Record, and The Hacker News.
The Accelerator Program, a flagship initiative of Akamai India?s Corporate Social Responsibility Trust, enables early-stage innovations for water conservation. Over the past two years, along with our mentoring partner, the International Center for Clean Water (ICCW; an initiative of the Indian Institute of Technology Madras), we onboarded two social innovators as Cohort 1 grantees: Ashoka Trust for Research in Ecology and the Environment and Foundation for Environmental Monitoring, and two social innovators as Cohort 2 grantees, SmartTerra and Jaljeevika.
The campaign was first seen by the Akamai SIRT on February 16, 2021, and appears to be targeting both Windows and Linux systems. The botnet caught our interest because it has shown to be highly active across a diverse set of geographical regions, including the Americas, Europe, and Asia.
Recently, there has been a plethora of UPX packed crypto-mining malware written in Golang targeting Linux systems and web applications popping up in the news. The malware?s primary tactic is to spread by taking advantage of vulnerable systems and weak administrative credentials. Once they?ve been infected, these systems are then used to mine cryptocurrency. I?ve named the sample I examined for this post ?Capoae,? based on the code?s output to my terminal.