Lucene search: wallarmlab, sorted by most viewed

548 matches found

Wallarm Lab
added 2019/04/19 9:04 p.m., 45 views

MTGOX: Crypto Failure is in the Name.

Mt. Gox Bitcoin Heist: Takeaways from a $3.3B Crypto Exchange Breach. It was all fun and games until someone lost 850,000 BTC from a Tokyo-based exchange, MTGOX, in 2014. Understanding how cryptocurrency exchanges evolved into hacker fantasy islands is all in the name. MTGOX, a company remembered...

AI score 7.5, Exploits 0

Wallarm Lab
added 2023/08/19 1:45 p.m., 44 views

2023 OWASP Top-10 Series: API4:2023 Unrestricted Resource Consumption

Welcome to the 5th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API4:2023 Unrestricted Resource Consumption. In this series we are taking an in-depth look at each category – the details, the...

AI score 7.4, Exploits 0

Wallarm Lab
added 2019/11/15 11:40 p.m., 44 views

Wallarm Launches Support of Envoy Proxy/ Envoy API Protection

Wallarm can protect North-South API traffic in applications that use Envoy as an alternative Ingress controller at the front end of a Kubernetes cluster. Wallarm can also protect edge traffic and East-West Envoy API traffic in a service mesh such as Istio. The post Wallarm Launches Support of Envoy Proxy/...

AI score 2.8, Exploits 0

Wallarm Lab
added 2020/11/18 11:41 p.m., 43 views

WAF JSON decoding capability required to protect against API threats like CVE-2020-13942 Apache Unomi RCE

A new critical Apache Unomi exploit was released yesterday. As the official press release says: "Apache Unomi is the industry's first reference implementation of the upcoming OASIS CDP specification established by the OASIS CXS Technical Committee, which sets standards as a core technology for enabli...

CVSS 7.5, AI score 2.6, EPSS 0.68398, Exploits 9

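The title's point, that a WAF must decode JSON before matching, shown as an added example that is not Wallarm's code and not the Unomi exploit: a raw-bytes matcher misses a marker hidden behind a JSON \u escape, while a decoder that walks the parsed document sees the unescaped string. The signature regex, the JSON shape of the sample bodies and the PLAIN_BODY/ESCAPED_BODY values are constructed for this illustration.

```python
import json
import re

# Constructed signature for the illustration: a generic Java expression-injection
# marker. It is not a Wallarm rule and not the CVE-2020-13942 payload.
SUSPICIOUS = re.compile(r"Runtime\.getRuntime\(\)|ProcessBuilder")


def raw_match(body: bytes) -> bool:
    """A WAF without JSON decoding: pattern-match the raw body bytes as text."""
    return SUSPICIOUS.search(body.decode("utf-8", "replace")) is not None


def _strings(node):
    """Yield every key and string value in a decoded JSON document, recursively."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield key
            yield from _strings(value)
    elif isinstance(node, list):
        for value in node:
            yield from _strings(value)
    elif isinstance(node, str):
        yield node


def json_aware_match(body: bytes) -> bool:
    """A WAF with JSON decoding: parse first, then match each unescaped string."""
    try:
        doc = json.loads(body)
    except ValueError:
        return raw_match(body)  # not JSON: fall back to raw matching
    return any(SUSPICIOUS.search(s) for s in _strings(doc))


# Constructed sample requests (assumption: the JSON shape is invented for the
# example and is not the Apache Unomi request format). The second body hides
# the first byte of the marker behind a JSON \u escape, so the literal text
# "Runtime.getRuntime()" never appears in the raw bytes.
PLAIN_BODY = b'{"filter":{"expression":"Runtime.getRuntime()"}}'
ESCAPED_BODY = b'{"filter":{"expression":"\\u0052untime.getRuntime()"}}'

if __name__ == "__main__":
    for name, body in (("plain", PLAIN_BODY), ("escaped", ESCAPED_BODY)):
        print(name, "raw:", raw_match(body), "json-aware:", json_aware_match(body))
```

The same gap exists for any encoding the application decodes but the WAF does not (nested JSON inside a string value, URL encoding applied twice, base64 fields); the fix is always to normalise to what the backend will actually see before matching.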
Wallarm Lab
added 2018/03/29 1:00 a.m., 43 views

What’s New in Wallarm

New features in Wallarm Cloud Dashboard At Wallarm, we subscribe to the continuous delivery methodology. Some of you may have already seen these features as we have been releasing them over the past weeks. For those of you who haven’t, this post will point out all the new shiny improvements for...

AI score 6.7, Exploits 0

Wallarm Lab
added 2019/10/23 7:56 p.m., 42 views

Perimeter Breaches: The attack front you’re losing

Everything is data. Defining your perimeter is nearly impossible, which makes securing it even more tricky. Old strategies are obsolete. How do we navigate and protect our boundaries in an increasingly digital world? The post Perimeter Breaches: The attack front you're losing appeared first on...

AI score 3.2, Exploits 0

Wallarm Lab
added 2018/07/20 2:38 a.m., 42 views

ON PREM vs. CLOUD.

Security and Other Considerations, Part 2. By Johan Nordstrom. To be able to keep up with the development of new security threats, companies need to rethink their security strategies. The basics must be to decrease complexity and use automated solutions when possible. There has been a change in the...

AI score 7.3, Exploits 0

Wallarm Lab
added 2018/03/14 10:53 p.m., 43 views

Getting ready for May 25th

How Wallarm helps with GDPR. On May 25, 2018 the General Data Protection Regulation (GDPR) becomes enforceable. Both European and international companies are reviewing their existing data processing practices to ensure they are in compliance with the new standard, as the proposed non-GDPR complianc...

AI score 7.1, Exploits 0

Wallarm Lab
added 2017/12/14 5:34 p.m., 42 views

The Good, The Bad and The Ugly of Safari in Client-Side Attacks

I’ve previously published an article about using Safari to compromise a computer file system. Unfortunately, there are more issues with Safari, as we are now finding out. In this post, we will take a look at the possibility of an XSS exploit and a cookie compromise stemming from “unusual” Safari...

AI score 6.8, Exploits 0

Wallarm Lab
added 2023/11/17 11:00 a.m., 41 views

What Is Multi-Homing?

Decoding the Term: Deciphering the Significance of Multi-Homing. The term multi-homing, in the realm of computer networking, finds itself surrounded by considerable confusion owing to its multifaceted technical nuances. Nevertheless, it stands as a pillar of network security and dependability...

AI score 7.2, Exploits 0

Wallarm Lab
added 2021/09/14 11:43 p.m., 41 views

Wallarm API Firewall outperforms Nginx in a production environment

Wallarm API Firewall is a free, lightweight API firewall that protects your API endpoints in cloud-native environments with API schema validation. Wallarm API Firewall relies on a positive security model, allowing calls that match a predefined API specification while rejecting everything else...

AI score 6.9, Exploits 0

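The positive security model described above, as an added example that is not Wallarm API Firewall's code: a small validator that allows only requests the specification describes and rejects everything else, including undeclared paths, methods, query parameters and body fields (the last of which is how a schema-based firewall stops mass assignment). The SPEC dict is a constructed, OpenAPI-like subset, and the validator understands only the handful of schema keywords it uses; both are assumptions for this illustration.

```python
import json
import re
from urllib.parse import parse_qs, urlsplit

# Constructed mini-spec (assumption: a small subset of OpenAPI 3 that this
# validator understands: path templates, path/query parameters, requestBody).
SPEC = {
    "/users/{id}": {
        "get": {
            "parameters": [
                {"name": "id", "in": "path", "schema": {"type": "integer"}},
                {"name": "fields", "in": "query",
                 "schema": {"type": "string", "enum": ["name", "email"]}},
            ]
        }
    },
    "/users": {
        "post": {
            "requestBody": {
                "required": ["name", "email"],
                "properties": {
                    "name": {"type": "string"},
                    "email": {"type": "string",
                              "pattern": r"^[^@\s]+@[^@\s]+\.[^@\s]+$"},
                },
            }
        }
    },
}

_TYPES = {"string": str, "boolean": bool, "number": (int, float)}


def _check_value(value, schema):
    """Validate one value against a tiny JSON Schema subset; None means OK."""
    typ = schema.get("type")
    if typ == "integer":
        # path/query values arrive as strings, so a decimal string is accepted
        if isinstance(value, str):
            if not re.fullmatch(r"-?\d+", value):
                return "expected integer"
        elif isinstance(value, bool) or not isinstance(value, int):
            return "expected integer"
    elif typ in _TYPES and not isinstance(value, _TYPES[typ]):
        return f"expected {typ}"
    if "enum" in schema and value not in schema["enum"]:
        return "value not in enum"
    if "pattern" in schema and not re.search(schema["pattern"], str(value)):
        return "pattern mismatch"
    return None


def _match_path(path):
    """Find the spec template for a concrete path; returns (template, path params)."""
    for template in SPEC:
        regex = "^" + re.sub(r"\{(\w+)\}", r"(?P<\1>[^/]+)", template) + "$"
        match = re.match(regex, path)
        if match:
            return template, match.groupdict()
    return None, {}


def validate(method, url, body=None):
    """Positive model: allow only what the spec describes; returns (allowed, reason)."""
    parts = urlsplit(url)
    template, path_params = _match_path(parts.path)
    if template is None:
        return False, "path not in spec"
    operation = SPEC[template].get(method.lower())
    if operation is None:
        return False, "method not allowed for path"
    declared = {p["name"]: p for p in operation.get("parameters", [])}
    query = parse_qs(parts.query, keep_blank_values=True)
    for name in query:  # anything the spec does not name is rejected
        if name not in declared or declared[name]["in"] != "query":
            return False, f"undeclared query parameter {name}"
    for name, param in declared.items():
        if param["in"] == "path":
            value = path_params.get(name)
        elif name in query:
            value = query[name][-1]
        else:
            continue  # query parameters are optional in this subset
        err = _check_value(value, param["schema"])
        if err:
            return False, f"parameter {name}: {err}"
    body_schema = operation.get("requestBody")
    if body_schema is None:
        return (False, "unexpected request body") if body else (True, "ok")
    try:
        doc = json.loads(body or "")
    except ValueError:
        return False, "body is not valid JSON"
    if not isinstance(doc, dict):
        return False, "body must be a JSON object"
    for required in body_schema.get("required", []):
        if required not in doc:
            return False, f"missing body field {required}"
    properties = body_schema.get("properties", {})
    for key, value in doc.items():
        if key not in properties:  # undeclared field: blocks mass assignment
            return False, f"undeclared body field {key}"
        err = _check_value(value, properties[key])
        if err:
            return False, f"body field {key}: {err}"
    return True, "ok"
```

Compare this with a signature-based (negative) model: the request `POST /users` with an extra `"role": "admin"` field contains nothing that looks like an attack, yet the validator rejects it because the specification never declared that field.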
Wallarm Lab
added 2021/01/20 12:17 p.m., 41 views

Build OWASP Top-10 2021 based on fair statistics

Unofficial OWASP Top-10 2021 predictions calculated with understandable metrics that anyone can reproduce, presented to the entire community for feedback. The post Build OWASP Top-10 2021 based on fair statistics appeared first on Wallarm Blog...

AI score 7, Exploits 0

Wallarm Lab
added 2019/12/03 10:49 p.m., 41 views

Why and how to disable introspection query for GraphQL APIs

Intro. In the last post, we touched on the topic of GraphQL security. As a reminder, GraphQL is a popular alternative to REST APIs. A single article cannot encapsulate all the things one wants to know about such an interesting technology. This installment of the series will look at the first step...

AI score 2.2, Exploits 0

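One way to enforce the step the post title describes, as an added example that is not code from the post or from any GraphQL library: a gate that refuses operations selecting the `__schema` or `__type` introspection fields outside a development environment. It strips string literals and comments before matching, so a search argument containing the text "__schema" is not a false positive, and it matches whole identifiers, so the legitimate `__typename` meta-field is left alone. The `handle` function and its `environment` parameter are assumptions standing in for wherever the real server wires such a check.

```python
import re

# One pass over block strings, ordinary strings and comments, left to right,
# so a '#' inside a string or a quote inside a comment cannot confuse the check.
_LITERALS = re.compile(r'"""[\s\S]*?"""|"(?:\\.|[^"\\\n])*"|#[^\n\r]*')

# Whole-identifier match: __schema and __type, but not __typename.
_INTROSPECTION = re.compile(r"(?<![A-Za-z0-9_])__(?:schema|type)(?![A-Za-z0-9_])")


def strip_literals(query: str) -> str:
    """Replace string literals and comments with a space before inspection."""
    return _LITERALS.sub(" ", query)


def is_introspection(query: str) -> bool:
    """True if the operation selects the __schema or __type meta-fields."""
    return _INTROSPECTION.search(strip_literals(query)) is not None


def handle(query: str, environment: str = "production") -> dict:
    """Hypothetical request gate: block introspection except in development."""
    if environment != "development" and is_introspection(query):
        return {"errors": [{"message": "GraphQL introspection is not allowed"}]}
    return {"data": {}}  # would hand the query to the real executor here


if __name__ == "__main__":
    # Constructed sample operations
    for q in ("{ __schema { types { name } } }",
              "{ user(id: 1) { __typename name } }",
              '{ search(text: "__schema") { id } }'):
        print(q, "->", handle(q))
```

A check like this belongs in front of the executor (or in the schema validation rules the server exposes) rather than in a WAF alone, because GraphQL operations can also arrive as a JSON `query` field or as GET parameters; whichever place you choose, it should see the operation text after decoding.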
Wallarm Lab
added 2018/05/08 4:10 p.m., 41 views

Wallarm Node — now as a Google Cloud image

Today we’re excited to announce native availability of the Wallarm Node image for Google Cloud Platform (GCP). Many Wallarm customers and prospects use Google Cloud for its high-performance, scalable infrastructure with excellent price/performance. The ability to customize machine types to customer...

AI score 7.4, Exploits 0

Wallarm Lab
added 2022/12/09 10:06 p.m., 40 views

What does ChatGPT know about API Security?

There is no doubt that you have heard about and seen OpenAI's latest brilliant creation, ChatGPT. It can write poems, speak many languages, answer questions, play chess, write code and impress everyone. In this post, we show a few more examples of how good this AI model is at cybersecurity, in particular at API...

AI score 8.4, Exploits 0

Wallarm Lab
added 2022/05/12 9:52 p.m., 40 views

Two critical security flaws found in Nginx-Ingress controller

Ingress controllers allow users to configure an HTTP load balancer for applications running on Kubernetes. They are needed to serve those applications to clients outside of the Kubernetes cluster. They are configured through the Kubernetes API by deploying objects called Ingress Resources. The NGINX Ingress...

CVSS 5.5, AI score 7.8, EPSS 0.01344, Exploits 0

Wallarm Lab
added 2020/01/02 6:39 p.m., 40 views

Putting Wallarm Management Console on a Fast Track

With this update we significantly reduced Elasticsearch load and thereby improved the responsiveness of the user interface, with an attack showing up within seconds of being detected. Our new user-friendly interface has a lag time of no more than 5 seconds. The post Putting Wallarm Management...

AI score 3.5, Exploits 0

Wallarm Lab
added 2017/09/14 3:08 p.m., 40 views

Lessons Learned from the Equifax Disaster

143 million U.S. consumers, Equifax.com users who may have been affected by the worst data breach in history, are receiving all sorts of advice, including a free TrustedID product license from Equifax. But despite numerous public reports about the incident, there are still many important...

AI score 7.7, Exploits 0

Wallarm Lab
added 2023/12/27 12:18 p.m., 39 views

How to Build a Cybersecurity Culture in Your Company

Decoding the Essential Components of Cyber Safeguard Culture. In today's era, marked by copious dependencies on digital technologies, strengthening defenses against digital security vulnerabilities has become more than just a choice, it's a critical necessity. Establishing a culture of cyber...

AI score 7.5, Exploits 0

Wallarm Lab
added 2021/06/08 8:43 a.m., 39 views

Securing REST with free API Firewall. How-to guide

In our modern world, web applications are becoming ever more important. Bad actors know this and they target them more frequently than ever before. This is not likely to stop any time soon, as the number of web applications the world needs will only go up with its reliance on technology. To fully...

AI score 7.3, Exploits 0

Wallarm Lab
added 2020/10/19 1:18 p.m., 39 views

Libdetection: Introducing New Generation of Attacks Detection

In the latest version of Wallarm Node, we integrated a new attack detection engine that works in combination with the existing detection methods. Libdetection is a unique open-source project, https://github.com/wallarm/libdetection, that provides signature-free payload detection by implementing a syntax...

AI score 2.1, Exploits 0

Wallarm Lab
added 2024/08/19 7:36 p.m., 38 views

The Other Crowdstrike Outage

On July 19, 2024, a flawed update in CrowdStrike Falcon's channel file 291 led to a logic error that caused Windows systems to crash, resulting in widespread BSOD (Blue Screen of Death) incidents. The impact was severe, disrupting critical infrastructure globally, from grounded flights to halted...

CVSS 8, AI score 6.8, EPSS 0.0062, Exploits 0

Wallarm Lab
added 2017/04/11 5:08 p.m., 38 views

Kong and Wallarm Partner Up to Boost Microservices API Security

Wallarm has partnered with Mashape to provide the microservices community with API security. Mashape enterprise customers who use the Kong API gateway can now quickly add API security protection without changes to their Kong deployment. Read more about the Kong and Wallarm partnership in this blog. Today...

AI score 7, Exploits 0

Wallarm Lab
added 2025/01/31 3:54 p.m., 37 views

Analyzing DeepSeek’s System Prompt: Jailbreaking Generative AI

DeepSeek, a disruptive new AI model from China, has shaken the market, sparking both excitement and controversy. While it has gained attention for its capabilities, it also raises pressing security concerns. Allegations have surfaced about its training data, with claims that it may have leveraged...

AI score 7.2, Exploits 0

Wallarm Lab
added 2023/08/05 1:45 p.m., 37 views

2023 OWASP Top-10 Series: API2:2023 Broken Authentication

Welcome to the 3rd post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API2:2023 Broken Authentication. In this series we are taking an in-depth look at each category – the details, the impact and wha...

AI score 7.1, Exploits 0

Wallarm Lab
added 2020/09/15 9:16 p.m., 37 views

Fetching Full-Text Alert Data with the Wallarm API

A lot of information about detected malicious requests is already available in the Wallarm console UI. However, the search functionality of the Wallarm UI does not provide full visibility into every type of potential attack or full details of a particular alert. If this level of visibility is...

AI score 1.4, Exploits 0

Wallarm Lab
added 2020/03/06 1:11 p.m., 37 views

Application security through the lens of Cyberwar – One on One with Chris Kubecka

Last month, Wallarm Cybersecurity Strategist Kavya Pearlman interviewed cyberwarfare expert Chris Kubecka in a well-attended and very timely webinar session. If you missed the webinar, worry not! Here is a quick recap of the discussion around “Application Security in the age...

AI score 2.6, Exploits 0

Wallarm Lab
added 2017/04/04 4:28 p.m., 37 views

Using WebSocket as your Real Time Protocol? Wallarm got you covered.

In the beginning there was HTTP 1 or 2; web pages were static and did not do much beyond displaying static text and images. Life has changed since… Web applications discovered that bi-directional communication between the browser and the web server is essential. Of course, the HTTP protocol, with it’...

AI score 6.5, Exploits 0

Wallarm Lab
added 2024/05/21 4:56 p.m., 36 views

Vulnerabilities in BIG-IP Next Central Manager allow control of managed devices

Introduction. In May 2024, new vulnerabilities were identified in BIG-IP Next Central Manager, raising considerable security concerns. This discovery follows closely on the heels of a critical vulnerability revealed in April within Palo Alto's firewalls with the GlobalProtect feature enabled, whi...

CVSS 9.8, AI score 8.6, EPSS 0.07163, Exploits 0

Wallarm Lab
added 2024/05/20 2:44 p.m., 36 views

Dell Data Breach: Personal Information of 49 Million Customers Compromised due to latest API Abuse

Dell recently issued a notice regarding a data breach that occurred on May 9, which has reportedly affected over 49 million customers across the globe. According to a report by BleepingComputer, Dell initiated the distribution of notifications cautioning its customers that their personally...

CVSS 10, AI score 7.8, EPSS 0.99999, Exploits 47

Wallarm Lab
added 2023/06/19 3:15 p.m., 36 views

GCP ESPv2 Hit with Critical API Authorization Bypass CVE-2023-30845

This post delves into a very impactful JWT Authentication Bypass vulnerability, CVE-2023-30845, found in ESPv2, an open-source service proxy that provides API management capabilities using Google Service Infrastructure. This vulnerability allows malicious API clients to bypass JWT authentication...

CVSS 7.5, AI score 7.3, EPSS 0.00658, Exploits 0

Wallarm Lab
added 2022/10/29 7:51 a.m., 36 views

Azure CLI Code Injection CVE-2022-39327 hits 9.8/10 CVSS score

The most recent Azure CLI code injection vulnerability is a rare and dangerous case. It’s not often that the client of the most popular cloud platform is vulnerable to an issue as critical as code injection. Regardless of the overall high risk that the OWASP Top 10 and OWASP API Security Top 10 assign to injections, code...

AI score 1, EPSS 0.03207, Exploits 1

Wallarm Lab
added 2020/09/02 9:45 p.m., 36 views

340 weak JWT secrets you should check in your code

JSON Web Token (JWT) is a data format with built-in signature and encryption mechanisms that is often used by modern web applications to store user sessions and application context, including authentication by SSO and meta-data. Usually, you can find JWT tokens in an Authorization: Bearer HTTP...

AI score 0.2, Exploits 0

Wallarm Lab
added 2017/05/05 3:28 a.m., 36 views

Is Docker Swarm going to change how we do microservices APIs?

During DockerCon a couple of weeks ago, the new native swarm functionality was one of the highlighted themes. What is a swarm? A swarm is a cluster of Docker engines, or nodes, which acts as an orchestrator, monitor and ingress load balancer for all the services deployed on the swarm. The Docker...

AI score 7.1, Exploits 0

Wallarm Lab
added 2024/06/26 10:45 p.m., 35 views

CVE-2024-36680: SQL Injection Vulnerability in Facebook’s PrestaShop Module Exposes Thousands of E-commerce Sites to Credit Card Fraud

SQL Injection Exposure in Promokit.eu Threatens Facebook's PrestaShop Customers. PrestaShop is a free, open-source e-commerce platform launched in 2007. Built with PHP and MySQL, it offers customizable, scalable solutions for online stores. Features include product management, inventory tracking,...

CVSS 7.5, AI score 7.7, EPSS 0.10087, Exploits 2

Wallarm Lab
added 2024/02/08 11:19 a.m., 35 views

Avro vs Protobuf

A Kickoff Discussion on Core Aspects of Avro & Protobuf. When deliberating on the subject of data structure encoding, a tandem of tools frequently emerges in technical discussions: Avro and Protobuf. Originating from a vision of precise data compression, the distinguishable features and applicatio...

AI score 6.9, Exploits 0

Wallarm Lab
added 2024/01/26 10:17 a.m., 35 views

Protobuf vs JSON

A Beginner's Guide to Understanding Protobuf & JSON. When you dive into the sphere of data serialization, you're likely to encounter two dominant players: Protobuf, the colloquial term for Protocol Buffers, and JSON, standing for JavaScript Object Notation. Both of these formats carry distinctive...

AI score 6.8, Exploits 0

Wallarm Lab
added 2023/07/29 1:45 p.m., 35 views

2023 OWASP Top-10 Series: API1:2023 Broken Object Level Authorization

Welcome to the 2nd post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API1:2023 Broken Object Level Authorization. In this series we are taking an in-depth look at each category – the details, the...

AI score 7.7, Exploits 0

Wallarm Lab
added 2022/01/23 9:29 a.m., 35 views

16 Best DDoS Attack Tools in 2022

What are DDoS attack tools? DDoS attacks are cyber-attacks targeted at rendering certain computers, network systems and servers non-functional. The processes involved in executing them can, however, be complicated. Attackers have to carry out a long series of actions that involve social engineering...

AI score 0.3, Exploits 0

Wallarm Lab
added 2021/05/19 11:24 a.m., 35 views

Wallarm NG WAF is ranked as a “High Performer” by G2, Spring 2021!

We are proud to announce that Wallarm NG WAF was ranked as a “High Performer” by G2 in the Web Application Firewall category. This award from the G2 platform confirms that our solution is highly rated by current verified Wallarm WAF users, who left unbiased reviews and answers to WAF-related...

AI score 7.4, Exploits 0

Wallarm Lab
added 2020/07/01 10:07 p.m., 35 views

How To Protect Your Kubernetes Cluster with Wallarm – part 1 of 3

Kubernetes clusters enable an organization to easily take advantage of containerization. While this is a huge asset, it also creates security issues. Many organizations lack visibility into the applications within their Kubernetes cluster and their attack surface. Within a Kubernetes cluster, an...

AI score 2.8, Exploits 0

Wallarm Lab
added 2020/05/11 9:41 p.m., 35 views

Apache Solr 1,2,3,4 Kill-Chain.

One of the services Wallarm offers today is Pentest Audits. Our team met a new and challenging task on a recent project: a penetration test of Apache Solr v4.10.4. We want to use this blog to describe the way we identified the vulnerability and managed to execute commands with root...

AI score 3.1, Exploits 0

Wallarm Lab
added 2018/02/09 4:57 p.m., 35 views

What You Should Know About Side-Channel Attacks, Like Meltdown

“The light is on in their window. They must be home.” This is a classic example of a side information channel. They didn’t TELL you they were home. But the side effect of them being home in the evening is the light in the window — which is how you’re pretty sure they are home even though this...

AI score 6.7, Exploits 0

Wallarm Lab
added 2023/09/02 1:15 p.m., 34 views

2023 OWASP Top-10 Series: API6:2023 Unrestricted Access to Sensitive Business Flows

Welcome to the 7th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API6:2023 Unrestricted Access to Sensitive Business Flows. In this series we are taking an in-depth look at each category – the...

AI score 7, Exploits 0

Wallarm Lab
added 2020/10/07 8:48 p.m., 34 views

Wallarm launches Cloud WAF with the best-in-class API protection

An easy to use Cloud WAF and API protection package. We are thrilled to announce the launch of the new Wallarm Cloud WAF deployment for the Wallarm Cloud-Native Security Platform. Get your application protection up and running in 15 minutes, without any installation at all. You can now gain protection...

AI score 2.3, Exploits 0

Wallarm Lab
added 2019/10/29 9:15 p.m., 34 views

Legacy WAF Issues

Traditional WAFs speak to bigger adoption problems for technologists, innovators, and businesses. Making a decision in today’s marketplace is like being a kid in a toy store. There are so many options that excitement quickly turns to settling on a familiar choice, so it’s no surprise that...

AI score 3.3, Exploits 0

Wallarm Lab
added 2017/03/20 2:51 p.m., 34 views

How to protect web applications on Google Cloud Platform with WAF?

Many of the developers we speak to are interested in taking advantage of Google Compute Cloud for developing and hosting their web applications. The advantages are many, from reasonable costs to built-in scalability to the high level of availability built right into the platform. However, the develope...

AI score 7.2, Exploits 0

Wallarm Lab
added 2020/10/01 3:24 p.m., 33 views

Meet JWT heartbreaker, a Burp extension that finds thousands of weak secrets automatically

In the recent post https://lab.wallarm.com/340-weak-jwt-secrets-you-should-check-in-your-code/, we presented the wallarm/jwt-secrets GitHub repository with 340 publicly available JSON Web Token secrets. Using this data, it's possible to check whether you or your developers forgot to change default...

AI score 0.4, Exploits 0

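The check that both JWT posts above describe (the 340 weak secrets list and the JWT heartbreaker extension), as an added example that is not Wallarm's code nor the Burp extension: given an HS256 token, recompute the HMAC over the header and payload with each candidate secret and report the one that reproduces the signature. The WEAK_SECRETS list is a constructed stand-in for the wallarm/jwt-secrets wordlist, and SAMPLE_TOKEN is minted here with one of those secrets; both are assumptions for the illustration.

```python
import base64
import hashlib
import hmac
import json


def b64url(data: bytes) -> str:
    """Base64url without padding, as JWT uses it."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    """Inverse of b64url, restoring the padding JWT strips."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_hs256(header: dict, payload: dict, secret: bytes) -> str:
    """Mint an HS256 token; used here only to construct sample input."""
    compact = {"separators": (",", ":")}
    signing_input = (b64url(json.dumps(header, **compact).encode()) + "."
                     + b64url(json.dumps(payload, **compact).encode()))
    signature = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(signature)


def find_weak_secret(token: str, candidates):
    """Return the first candidate that validates the token's HS256 signature, else None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        expected = b64url_decode(sig_b64)
    except (ValueError, TypeError):
        return None  # malformed token
    if header.get("alg") != "HS256":
        return None  # only HMAC-SHA256 tokens are checked here
    signing_input = f"{header_b64}.{payload_b64}".encode()
    for secret in candidates:
        actual = hmac.new(secret.encode(), signing_input, hashlib.sha256).digest()
        if hmac.compare_digest(actual, expected):
            return secret
    return None


# Constructed wordlist (assumption): a handful of well-known defaults standing in
# for the full wallarm/jwt-secrets list.
WEAK_SECRETS = ["secret", "password", "changeme", "jwt_secret", "your-256-bit-secret"]

# Constructed token, deliberately signed with one of the weak secrets.
SAMPLE_TOKEN = sign_hs256({"alg": "HS256", "typ": "JWT"},
                          {"sub": "1234", "role": "admin"},
                          b"your-256-bit-secret")

if __name__ == "__main__":
    print("weak secret found:", find_weak_secret(SAMPLE_TOKEN, WEAK_SECRETS))
```

Run it against tokens captured from your own applications; a hit means anyone with the same wordlist can forge arbitrary claims, so rotate to a random secret of at least 256 bits and treat the old one as compromised.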
Wallarm Lab
added 2020/07/10 5:32 p.m., 33 views

Building Security into Cloud Native Apps with NGINX

Industries from hospitality to taxis/transportation and food delivery are being disrupted by new age companies like Airbnb, Uber and DoorDash that have a cloud-based software infrastructure as one of their main enablers. Why do all these new companies use cloud and what advantage does it give the...

AI score 7, Exploits 0

Wallarm Lab
added 2020/07/07 10:05 p.m., 33 views

How To Protect Your Kubernetes Cluster with Wallarm – Running in Production Mode – part 3 of 3

The previous two blog articles in this series describe how to set up the Wallarm Ingress controller and configure it so that it can properly allow or block traffic from trusted or suspicious/malicious IP addresses. This is essential to the functionality of Wallarm’s Ingress controller but it isn’t...

AI score 1.5, Exploits 0

Total number of security vulnerabilities: 548