Privacy Risks in Google's New Play Store Personalization

Personalization is a double-edged sword. On one hand, it enhances user experiences by offering tailored recommendations, but on the other hand, it raises significant privacy concerns. Google Play's recent announcement about ...
The Rise of Unofficial Apps in Delivery, Automotive, and E-Commerce

Understanding the Security Risks and Solutions for Protecting Sensitive Data. There is a trend emerging for anyone launching a consumer business. Almost every business these days does two things: the first is ...
API Transformation Cyber Risks and Survival Tactics

As you think about how to ensure your APIs are within your risk tolerance, ensure that you have a sound understanding of your inventory and the data associated with them ...
Security Boulevard
How Poor API Security Led to Major Breaches in 2024

Major API Breaches in H1 of 2024. Earlier this year, we provided an overview of the significant security breaches from 2023. It's now clear that for API-related breaches, this year is ...
API Abuse Prevention Demo May 2023

Introducing Integrated API Abuse Prevention to Combat Bad Bots

In recent years there’s been a rise in “API Abuse” attacks, which include detrimental automated behaviors such as malicious bots, account takeover (ATO), credential stuffing, application layer (L7) DDoS, data scraping, and ...
ChatGPT Injection: a new type of API Abuse attack may steal your OpenAI API credits

ChatGPT is spreading like wildfire all over the internet, being used in everything from casual tools to cybersecurity and even industrial applications. It’s so popular, I wouldn’t be shocked if it starts ...
What You Need to Know About Broken Object Level Authorization (BOLA)

Broken Object Level Authorization (BOLA) is the #1 vulnerability in the OWASP API Security Project’s API Security Top Ten in 2019. Using BOLA, an attacker exploits ...
Mobile App Security: Uncovering the Risks of Secret Theft at Runtime

This is our second blog highlighting the results of the Approov Threat Lab Report ...
T-Mobile’s SIXTH Breach in 5 years: 37M Users’ PII Leaks

The Un-carrier is In-secure, it seems. Un-believable. In-credibly in-competent. CEO Mike Sievert (pictured) might become un-CEO ...
Security Boulevard

Application Security Check Up