Akamai's Prolexic Security Engineering & Response Team found 4.1 million Internet-facing Universal Plug and Play devices are potentially vulnerable to being employed in this type of reflection DDoS attack.
A vulnerability in SSL 3.0 lets attackers extract session cookies and other secrets from encrypted online communications, but experts believe the seriousness is tempered by the overall difficulty in exploiting the vulnerability.
To limit the risk of having drive-by malware attacks planted on their websites, organizations should monitor the payload of their different Internet properties, which for larger organizations can easily become a huge undertaking.
The network edge is the ideal location for quickly preventing the vast majority of attacks, but looking forward, you should consider how pervasive deployments can stop the new breed of advanced attack.
Advancing our security controls isn’t going to happen overnight. But we are well on our way with technology and capabilities that are already headed in this direction, implementing dynamic controls to see more, learn more, and adapt quickly.
Software and hardware alone are not enough to manage a massive enterprise security program. You need security professionals and experienced leaders who can keep the team (and the tools) operating effectively.
Las Vegas has created a market-proven, repeatable formula for business success. For enterprises competing each and every day with cybercriminals, what if we were to apply these same principles to enterprise cybersecurity?