Application security, Security
March 15, 2023
Via: Help Net SecurityAs server-side security advances, more attackers are exploiting vulnerabilities and launching malicious attacks through the less protected and seldom monitored client-side supply chain. Unfortunately, because of these attacks’ sophisticated and subtle nature, they can be hard to detect until it’s […]
Application security, Security
March 8, 2023
Via: Help Net SecurityAfter combing through 350,000 reports to find 650 API-specific vulnerabilities from 337 different vendors and tracking 115 published exploits impacting these vulnerabilities, the results clearly illustrate that the API threat landscape is becoming more dangerous, according to Wallarm. Researchers came […]
Application security, Security
March 7, 2023
Via: The Hacker NewsAn older version of Shein’s Android application suffered from a bug that periodically captured and transmitted clipboard contents to a remote server. The Microsoft 365 Defender Research Team said it discovered the problem in version 7.9.2 of the app that […]
Application security, Security
March 1, 2023
Via: SecureWorldImagine buying a car that has faulty brakes, or a toaster that can catch fire at any moment. You would expect the manufacturer to be held accountable for selling you a defective product that can harm you or others. But […]
Application security, Security
February 28, 2023
Via: The Hacker NewsAs digital transformation takes hold and businesses become increasingly reliant on digital services, it has become more important than ever to secure applications and APIs (Application Programming Interfaces). With that said, application security and API security are two critical components […]
Application security, Security
February 22, 2023
Via: Help Net SecurityEnterprises looking to modernize their APIs are increasingly switching from the REST architecture to the open-source data query and manipulation language GraphQL. While the transition makes sense – GraphQL is more flexible, scalable, and easier for developers to use – […]
Application security, Cloud security, Security
February 16, 2023
Via: Help Net SecurityCloud environments and application connectivity have become a critical part of many organizations’ digital transformation initiatives. In fact, nearly 40% of North American and European-based enterprises adopted industry-specific cloud platforms in 2022. But why are organizations turning to these solutions […]
Application security, Security
February 7, 2023
Via: Help Net SecurityCequence Security has enhanced the testing capabilities within its Unified API Protection Platform with the availability of API Security Testing. This API Security Testing framework encourages shift-left efforts by giving security and development teams the tools to quickly uncover and […]
Application security, Security
February 2, 2023
Via: Help Net SecurityWhen it comes to attacks against application programming interfaces (APIs), the building blocks that provide access to many of our applications, the OWASP API Top Ten is seen as definitive – and rightly so. Compiled in 2019 based on a […]
Application security, Security
January 26, 2023
Via: CSO OnlineApplication programming interfaces (APIs) have become a critical part of networking, programs, applications, devices, and nearly everything else in the computing landscape. This is especially true for cloud and mobile computing, neither of which could probably exist in its current […]
Application security, Security
January 23, 2023
Via: Help Net SecurityWallarm has launched the Wallarm API Leak Management solution, an enhanced API security technology designed to help organizations identify and remediate attacks exploiting leaked API keys and secrets, while providing on-going protection against hacks in the event of a leak. […]
Application security, Security
January 20, 2023
Via: Help Net SecurityCybersecurity professionals are frustrated over how much time and attention they must devote to API security and worried that their defenses still need to be improved, according to Corsha. Researchers recently surveyed over 400 security and engineering professionals to learn […]
Application security, Security, Threats & Malware, Vulnerabilities
January 12, 2023
Via: Security WeekIn August 2022, Twitter informed customers that a vulnerability in its systems had been exploited to obtain user data. The flaw, patched in January 2022, was used to determine whether a specified phone number or email address were tied to […]
Application security, Security
January 11, 2023
Via: Help Net Security42Crunch has joined the Microsoft Intelligent Security Association (MISA), a group of security technology providers who have integrated their solutions with Microsoft’s security technology products to better defend against a world of increasing threats. 42Crunch has integrated with Microsoft Sentinel […]
Application security, Security
December 30, 2022
Via: Dark ReadingThere are a few reasons that the topic of API security has been popping up more and more as 2022 comes to a close. Back in July 2021, Gartner predicted that by 2022, application programming interface (API) attacks will become […]
Application security, Security
December 21, 2022
Via: TechRadarMicrosoft may have blocked macros from running by default in its Office suite of programs, but there are workarounds, researchers are saying. Several months after the ban was introduced, one specific workaround is seeing an uptick in adoption in the […]
Application security, Security
December 21, 2022
Via: Help Net SecurityAt a surface level, APIs help businesses to connect applications and share data with one another. This creates an easier, more seamless experience for customers and users. If you have ever used your Google account to log into multiple sites […]
Application security, Security
December 13, 2022
Via: Help Net SecurityVeracode has acquired Crashtest Security to enhance the existing DAST capabilities available as part of Veracode’s Continuous Software Security Platform and broaden customer access globally. Web applications are fast becoming the most exploited attack vector for cyber threat actors looking […]
Application security, Security
November 15, 2022
Via: Dark ReadingNeosec, the pioneer in discovering and identifying API threats using behavioral analytics, today announced that it now tokenizes API activity data to enable organizations to fully see and store API data, removing the possibility of keeping sensitive data at-rest. Today, […]
Application security, Security
November 14, 2022
Via: CSO OnlineSoftware developers know not to reinvent the wheel. So, they lean on reusable micro-services – and their corresponding application programming interfaces (APIs) – as building blocks for application components. “Developers want to focus on the added value they can bring […]