Aggregator

This is the final in a multi-part series on cryptography and the Domain Name System (DNS). In previous posts in this series, I’ve discussed a number of applications of cryptography to the DNS, many of them related to the Domain Name System Security Extensions (DNSSEC). In this final blog post, I’ll turn attention to another […]

The post Information Protection for the Domain Name System: Encryption and Minimization appeared first on Verisign Blog.

A few years ago, I wrote a blog post trying to explain, with humor, why choosing application security as a career path is destiny derived by my parents calling me "Or", and why a personal name that is a conditional word can sometimes be challenging in daily routines, since some attack payloads contain conditional words.

By now, we hope you've read Monday's and Tuesday's blog posts announcing the release of our annual sustainability report, our sustainability program, and the technical innovation behind it.

一些思考, 转眼间, 入坑安全已经两年, 一些心得 2017-2018学年(大一) 2017年进入大学, 学习土木工程专业, 如果没有后面不知缘由的对计算机的热爱, 或许我现在正在朝着桥梁设计建造工程师这个方向迈进 在通识课上, 第一次接触c语言, 由此写出了人生中的第一行hello world 奇怪的是, 我并没有想着要用c语言去完成什么高大上的项目, 自己告诉自己, 我只是想知道为什么hello world可以被输出 那几个月天天抱着一本厚厚的c语言去研究, 这也算是我的计算机启蒙了吧 但是我还是不知道为什么hello world可以被输出? 再后来对这个问题答案的渴求促使我转专业(即使降级也要转专业), 我不想和这个问题擦肩而过(或许那个时候, 如果有人可以和我说懂这个问题, 我就可以在土木安心呆着了呢 =.=) 接下来就是准备转专业, 开始转专业, 降级转网安成功(顺便遇到了我可爱的女朋友 >。<) 2018-2019学年(还是大一) 带着2017年的问题, 我进入网安, 接触了二进制, 我坚信学习这个方向可以解决我的疑惑 于是2018年的那个秋天, 捧着汇编, 程序员的自我修养度日, 三个月后颤颤巍巍的拿到第一个栈溢出shell, 似懂非懂, 浑浑噩噩, 有拿到shell的喜悦, 但疑惑加深了, 我还是没有解决我的问题, 仿佛陷入死胡同, 而且三个月才学会第一个栈溢出, 这很明显是傻子行为 不是很服气, 于是二刷程序员的自我修养, 这一次好像懂了些什么(elf文件结构, 动态链接, 静态链接, 堆栈布局), 又好像什么都不懂, 总感觉有些东西没有抓住(另外出现了一个新的问题: 进程与进程之间的内存为什么不会产生冲突, 明明汇编会访问相同的地址) 带着疑问, 继续学习栈溢出, 利用技巧花里胡哨, 简直是神仙打架, 遇到问题, 解决问题, 解决不了问题, 自闭几天, 再去解决问题, 磕磕绊绊的也算是把利用技巧全部复现了一遍 赌气似的三刷程序员的自我修养, 很明显这次我懂了更多的东西, 于是回过头整理了一遍栈溢出, 这次出奇的顺利, 没有任何阻碍, 我想或许这段时间我确实进步了

取证小知识-100

取证小知识-100

取证小知识-100

New Year, New Digital You: Consumer Security Findings from McAfee’s Latest Report  2020 was a year unlike any other. We transitioned from...

The post New Year, New Digital You: Consumer Security Findings from McAfee’s Latest Report appeared first on McAfee Blog.

This post will focus on the weaponization of a few of the exploits only, as Sarit and Ofir documented everything else.

When we write the SOTI and talk about attacks against gamers, we spend a good deal of time focusing on network-level events, such as DDoS and credential stuffing.

In this blog, we will take a look at and break down a recent Magecart attack detected and mitigated by Client-Side Protection & Compliance. The impacted customer operates a large international e-commerce business in which one of its websites was compromised with a malicious script.

Never before has the risk of a distributed denial-of-service (DDoS) attack been higher. In 2020, we saw record-breaking attacks, a DDoS extortion campaign impacting thousands of organizations globally, more emergency customer turnups, and more Akamai customers attacked than any year on record -- and we've been successfully fighting DDoS attacks since 2003! We also saw a big increase in attacks targeting verticals that haven't seen as much activity of late, with 7 of 11 of the industries we track seeing peak attack counts in 2020.

I recently worked with a client whose large e-commerce site was hosted with a popular cloud-based commerce solution. Its business was growing rapidly into new geographic markets, and it was not satisfied with the embedded content delivery network (eCDN) that was bundled with the cloud solution. We demonstrated that stacking CDNs -- adding Akamai's Ion solution on top of the eCDN -- could significantly improve performance as well as provide the client with much greater control over its delivery configuration

Over the past 20 years, we've seen a lot of growth at Akamai. When I started at Akamai, we used to have traffic peaks of almost 200 Mbps. From that fledgling startup, Akamai has now grown to such a scale that we almost doubled network capacity in 2020 and were able to serve peaks of almost 200 Tbps. In short, just like the internet, Akamai has undergone quite the evolution. But as we've grown, so have our environmental impacts. In fact, the internet as a whole is responsible for more than 2% of global emissions, having the same impact as the airline industry. Our online streaming, learning, working, shopping, and playing habits have all started to add up.