Category: Application security

March 7, 2023

An older version of Shein’s Android application suffered from a bug that periodically captured and transmitted clipboard contents to a remote server. The Microsoft 365 Defender Research Team said it discovered the problem in version 7.9.2 of the app that […]

March 1, 2023

Imagine buying a car that has faulty brakes, or a toaster that can catch fire at any moment. You would expect the manufacturer to be held accountable for selling you a defective product that can harm you or others. But […]

February 28, 2023

As digital transformation takes hold and businesses become increasingly reliant on digital services, it has become more important than ever to secure applications and APIs (Application Programming Interfaces). With that said, application security and API security are two critical components […]

February 22, 2023

Enterprises looking to modernize their APIs are increasingly switching from the REST architecture to the open-source data query and manipulation language GraphQL. While the transition makes sense – GraphQL is more flexible, scalable, and easier for developers to use – […]

February 16, 2023

Cloud environments and application connectivity have become a critical part of many organizations’ digital transformation initiatives. In fact, nearly 40% of North American and European-based enterprises adopted industry-specific cloud platforms in 2022. But why are organizations turning to these solutions […]

February 7, 2023

Cequence Security has enhanced the testing capabilities within its Unified API Protection Platform with the availability of API Security Testing. This API Security Testing framework encourages shift-left efforts by giving security and development teams the tools to quickly uncover and […]

February 2, 2023

When it comes to attacks against application programming interfaces (APIs), the building blocks that provide access to many of our applications, the OWASP API Top Ten is seen as definitive – and rightly so. Compiled in 2019 based on a […]

January 26, 2023

Application programming interfaces (APIs) have become a critical part of networking, programs, applications, devices, and nearly everything else in the computing landscape. This is especially true for cloud and mobile computing, neither of which could probably exist in its current […]

January 23, 2023

Wallarm has launched the Wallarm API Leak Management solution, an enhanced API security technology designed to help organizations identify and remediate attacks exploiting leaked API keys and secrets, while providing on-going protection against hacks in the event of a leak. […]

January 20, 2023

Cybersecurity professionals are frustrated over how much time and attention they must devote to API security and worried that their defenses still need to be improved, according to Corsha. Researchers recently surveyed over 400 security and engineering professionals to learn […]

January 12, 2023

In August 2022, Twitter informed customers that a vulnerability in its systems had been exploited to obtain user data. The flaw, patched in January 2022, was used to determine whether a specified phone number or email address were tied to […]

January 11, 2023

42Crunch has joined the Microsoft Intelligent Security Association (MISA), a group of security technology providers who have integrated their solutions with Microsoft’s security technology products to better defend against a world of increasing threats. 42Crunch has integrated with Microsoft Sentinel […]

December 30, 2022

There are a few reasons that the topic of API security has been popping up more and more as 2022 comes to a close. Back in July 2021, Gartner predicted that by 2022, application programming interface (API) attacks will become […]

December 21, 2022

Microsoft may have blocked macros from running by default in its Office suite of programs, but there are workarounds, researchers are saying. Several months after the ban was introduced, one specific workaround is seeing an uptick in adoption in the […]

December 21, 2022

At a surface level, APIs help businesses to connect applications and share data with one another. This creates an easier, more seamless experience for customers and users. If you have ever used your Google account to log into multiple sites […]

December 13, 2022

Veracode has acquired Crashtest Security to enhance the existing DAST capabilities available as part of Veracode’s Continuous Software Security Platform and broaden customer access globally. Web applications are fast becoming the most exploited attack vector for cyber threat actors looking […]

November 15, 2022

Neosec, the pioneer in discovering and identifying API threats using behavioral analytics, today announced that it now tokenizes API activity data to enable organizations to fully see and store API data, removing the possibility of keeping sensitive data at-rest. Today, […]

November 14, 2022

Software developers know not to reinvent the wheel. So, they lean on reusable micro-services – and their corresponding application programming interfaces (APIs) – as building blocks for application components. “Developers want to focus on the added value they can bring […]

November 9, 2022

Secure APIs Better: Top 5 API Security Myths Demystified Myth 1: API Gateways, Existing IAM Tools, and WAFs are Enough to Secure API Reality: These aren’t enough to secure your APIs. They are layers in API security. They need to […]

November 1, 2022

Synack launched an API pentesting capability powered by its global community of elite security researchers. Organizations can now rely on the Synack platform for continuous pentesting coverage across “headless” API endpoints that lack a user interface and are increasingly exposed […]