Application security, Security, Threats & Malware, Vulnerabilities
March 31, 2023
Via: Help Net SecurityIntruder updates its cloud-based vulnerability management service, allowing organisations of all sizes to secure their APIs by automatically detecting vulnerabilities, gaps, security weaknesses, and misconfigurations that hackers can exploit. As more organisations build APIs to facilitate automation, attack surfaces are […]
Application security, Security
March 8, 2023
Via: Help Net SecurityAfter combing through 350,000 reports to find 650 API-specific vulnerabilities from 337 different vendors and tracking 115 published exploits impacting these vulnerabilities, the results clearly illustrate that the API threat landscape is becoming more dangerous, according to Wallarm. Researchers came […]
Application security, Security
February 22, 2023
Via: Help Net SecurityEnterprises looking to modernize their APIs are increasingly switching from the REST architecture to the open-source data query and manipulation language GraphQL. While the transition makes sense – GraphQL is more flexible, scalable, and easier for developers to use – […]
Application security, Security
February 2, 2023
Via: Help Net SecurityWhen it comes to attacks against application programming interfaces (APIs), the building blocks that provide access to many of our applications, the OWASP API Top Ten is seen as definitive – and rightly so. Compiled in 2019 based on a […]
Application security, Security
January 23, 2023
Via: Help Net SecurityWallarm has launched the Wallarm API Leak Management solution, an enhanced API security technology designed to help organizations identify and remediate attacks exploiting leaked API keys and secrets, while providing on-going protection against hacks in the event of a leak. […]
Application security, Security
January 20, 2023
Via: Help Net SecurityCybersecurity professionals are frustrated over how much time and attention they must devote to API security and worried that their defenses still need to be improved, according to Corsha. Researchers recently surveyed over 400 security and engineering professionals to learn […]
Application security, Security
December 21, 2022
Via: Help Net SecurityAt a surface level, APIs help businesses to connect applications and share data with one another. This creates an easier, more seamless experience for customers and users. If you have ever used your Google account to log into multiple sites […]
Application security, Security
November 1, 2022
Via: Help Net SecuritySynack launched an API pentesting capability powered by its global community of elite security researchers. Organizations can now rely on the Synack platform for continuous pentesting coverage across “headless” API endpoints that lack a user interface and are increasingly exposed […]
Application security, Security
October 20, 2022
Via: Help Net SecurityMore than 9 in 10 financial sectors accept that open banking is vital to their organization. The demand for fast, hassle-free, and personalized banking and financial services among customers is driving the rapid adoption of open banking. However, nearly 50% […]
Application security, Security
September 28, 2022
Via: Help Net SecurityIt’s hard to write good API specifications, and since most API gateways use them as IAC, they should be carefully checked for common mistakes. Writing an API that sticks to the original design is extremely difficult, and it must be […]
Application security, Security
September 22, 2022
Via: Help Net SecurityNoname Security announced the findings from its API security report, “The API Security Disconnect – API Security Trends in 2022”, which revealed a rapidly growing number of API security incidents, concerning lack of API visibility, and a level of misplaced […]
July 7, 2022
Via: Dark ReadingA cryptocurrency wallet service provider serving more than 2 million users worldwide and managing about $3 billion worth of Bitcoin was found to contain API vulnerabilities tied to how external authentication logins were implemented. The bugs are fixed, but the […]
Application security, Security
April 5, 2022
Via: The Hacker NewsWith the growth in digital transformation, the API management market is set to grow by more than 30% by the year 2025 as more businesses build web APIs and consumers grow to rely on them for everything from mobile apps […]
January 18, 2022
Via: Naked SecurityResearchers at browser identification company FingerprintJS recently found and disclosed a fascinating data leakage bug in Apple’s web browser software. Technically, the bug exists in Apple’s open source WebKit browser engine, which means it affects any browser that relies on […]
December 16, 2021
Via: Help Net SecurityProtecting mobile applications and APIs against automated threats is a top priority for online commerce businesses, according to data from a study published by DataDome. Conducted by Forrester Consulting, this survey of online commerce companies evaluates the main impacts that […]
Application security, Security
September 21, 2021
Via: Radware BlogThe increase in cloud adoption is driving the need for agile application security. According to Radware’s The State of Web Application and API Protection report, 70% of web applications now run in cloud environments, while 76% of organizations have accelerated […]
Application security, Security
September 2, 2021
Via: Threat PostThere are two essential elements driving progress in today’s digital-first economy: Mobile applications and the application programming interfaces (APIs) that allow those applications to communicate and exchange data with each other. The growth in these two technologies has exposed users […]
Application security, Security
July 23, 2021
Via: The Hacker NewsAfter more than 20 years in the making, now it’s official: APIs are everywhere. In a 2021 survey, 73% of enterprises reported that they already publish more than 50 APIs, and this number is constantly growing. APIs have crucial roles […]
Application security, Security
May 28, 2021
Via: Help Net SecurityContrast Security announced the findings of a report based on a comprehensive survey of development, operations, and security professionals and executives at enterprise-level financial services institutions. The report explores the state of application security at these organizations, and the findings […]
March 29, 2021
Via: The Hacker NewsEmail spoofing is a growing problem for an organization’s security. Spoofing occurs when a hacker sends an email that appears to have been sent from a trusted source/domain. Email spoofing is not a new concept. Defined as “the forgery of […]