API Security - Security Boulevard

China Cyberwar Coming? Versa’s Vice: Volt Typhoon’s Target

Richi Jennings — Wed, 28 Aug 2024 16:57:30 +0000

Xi whiz: Versa Networks criticized for swerving the blame.

The post China Cyberwar Coming? Versa’s Vice: Volt Typhoon’s Target appeared first on Security Boulevard.

APIs, Web Applications Under Siege as Attack Surface Expands

Nathan Eddy — Tue, 06 Aug 2024 08:34:58 +0000

Attackers are increasingly targeting web applications and APIs, with a nearly 50% year-over-year growth in web attacks, driven by the increased adoption of these technologies, which significantly expanded organizational attack surfaces, according to an Akamai report.

The post APIs, Web Applications Under Siege as Attack Surface Expands appeared first on Security Boulevard.

Prisoner Swap: Huge Russian Hackers Freed — Seleznev and Klyushin

Richi Jennings — Fri, 02 Aug 2024 16:00:17 +0000

Pragmatic politics: Anger as Putin gets back two notorious cybercriminals

The post Prisoner Swap: Huge Russian Hackers Freed — Seleznev and Klyushin appeared first on Security Boulevard.

WTH? Google Auth Bug Lets Hackers Login as You

Richi Jennings — Mon, 29 Jul 2024 15:17:43 +0000

G Suite Sours: Domain owners flummoxed as strangers get Google for their domains.

The post WTH? Google Auth Bug Lets Hackers Login as You appeared first on Security Boulevard.

PKfail: 800+ Major PC Models have Insecure ‘Secure Boot’

Richi Jennings — Fri, 26 Jul 2024 17:06:55 +0000

Big BIOS bother: Hundreds of PC models from vendors such as HP, Lenovo, Dell, Intel, Acer and Gigabyte shipped with useless boot protection—using private keys that aren’t private.

The post PKfail: 800+ Major PC Models have Insecure ‘Secure Boot’ appeared first on Security Boulevard.

API Discovery – Common Topics We’re Asked About

Shreyans Mehta — Thu, 25 Jul 2024 13:00:46 +0000

This article is the first in a series of six covering key API security topics and provides some answers to common questions we often get when talking to potential customers. This series will cover the following topics: API Discovery (this article) API Posture Management Attack Protection API Security Testing Attack Detection and Threat Hunting Architecture […]

The post API Discovery – Common Topics We’re Asked About appeared first on Cequence Security.

The post API Discovery – Common Topics We’re Asked About appeared first on Security Boulevard.

EFF Angry as Google Keeps 3rd-Party Cookies in Chrome

Richi Jennings — Tue, 23 Jul 2024 16:43:52 +0000

Regulatory capture by stealth? Google changes its mind about third-party tracking cookies—we’re stuck with them for the foreseeable.

The post EFF Angry as Google Keeps 3rd-Party Cookies in Chrome appeared first on Security Boulevard.

API Transformation Cyber Risks and Survival Tactics

Steve Winterfeld — Tue, 16 Jul 2024 11:04:28 +0000

As you think about how to ensure your APIs are within your risk tolerance, ensure that you have a sound understanding of your inventory and the data associated with them.

The post API Transformation Cyber Risks and Survival Tactics appeared first on Security Boulevard.

‘Blast-RADIUS’ Critical Bug Blows Up IT Vacation Plans

Richi Jennings — Wed, 10 Jul 2024 15:35:11 +0000

MD5 MITM Muddle: Ancient, widely used protocol has CVSS 9.0 vulnerability.

The post ‘Blast-RADIUS’ Critical Bug Blows Up IT Vacation Plans appeared first on Security Boulevard.

‘Polyfill’ Supply Chain Threat: 4x Worse Than We Thought

Richi Jennings — Fri, 05 Jul 2024 16:59:56 +0000

Spackle attack: Chinese company takes over widely used free web service—almost 400,000 websites at risk.

The post ‘Polyfill’ Supply Chain Threat: 4x Worse Than We Thought appeared first on Security Boulevard.