Chicago API Security Summit 2024
Thank You Chicago! Earlier this week we had the pleasure of hosting a regional API Security Summit in Chicago (well, actually in Lombard). These summits bring together the local cybersecurity community for a half-day of API Security-focused content, including expert speakers and panelists. While this...
Fundamentals of GraphQL-specific attacks
GraphQL vs REST APIs Developers are constantly exploring new technologies that can improve the performance, flexibility, and usability of applications. GraphQL is one such technology that has gained significant attention for its ability to fetch data efficiently. Unlike the traditional REST API,...
API Attack Surface: How to secure it and why it matters
Managing an organization’s attack surface is a complex problem involving asset discovery, vulnerability analysis, and continuous monitoring. There are multiple well-defined solutions to secure the attack surface, such as extended detection and response (EDR or XDR), security information & event...
Evolution of Attack Surface Management
The Early Days: Basic Asset Management While it was not yet called ASM, the concept of attack surface management began with basic asset management practices in the late 1990s and early 2000s. Organizations focused on keeping an inventory of their digital assets, such as servers, desktops, an...
The Other Crowdstrike Outage
On July 19, 2024, a flawed update in CrowdStrike Falcon's channel file 291 led to a logic error that caused Windows systems to crash, resulting in widespread BSOD (Blue Screen of Death) incidents. The impact was severe, disrupting critical infrastructure globally, from grounded flights to halted...
Unveiling Top API Vulnerabilities and Emerging Trends: Introducing the Wallarm Q2 2024 API ThreatStats™ Report
As we move through 2024, the Wallarm Research Team continues to monitor the evolving API vulnerability and threat landscape. Our latest Q2 ThreatStats™ Report reveals critical trends and developments that are reshaping the security environment. Continuing from our Q1 findings, the surge in AI API...
Cloud elasticity
Overview of cloud elasticity Flexibility is one of the cardinal attributes of cloud computing, formally known as cloud elasticity. This attribute is essential in the field of information technology, facilitating the smooth adjustment of...
CIRCIA – Cyber Incident Reporting for Critical Infrastructure Act
What is CIRCIA? CIRCIA, or the Cyber Incident Reporting for Critical Infrastructure Act, is a proposed law that seeks to strengthen cybersecurity in the United States. The main objective of this legislation is to protect the country's critical infrastructure, such as power grids,...
CISO: roles and job responsibilities 🛡️
Meaning of CISO In the corporate sphere, CISO is a widely recognized acronym denoting "Chief Information Security Officer", which can be rendered in Spanish as the principal officer in charge of safeguarding information. This role represents an essential position in the organizational...
340 weak JWT secrets you should check for in your code
What's the deal with JWT? The JSON Web Token, usually identified by its acronym JWT, provides an effective means of authenticating and authorizing access in web applications. However, improper use of this tool can result in serious security flaws. In this article, we will discuss the...
Definition of the CIA triad. Examples of confidentiality, integrity and availability
Definition of the CIA triad The AIC Model, or AIC Triad, is a key strategy for addressing and coordinating cyber-resilience methodologies. This approach rests on three key concepts: Confidentiality, Integrity and Availability. Each of these concepts plays a decisive...
Business logic flaw
What are business logic flaws? Business logic flaws, also known as business logic defects, are errors in the design of a system or process that allow users to perform actions that should not be possible. These errors are not the result of...
CVE-2024-41110: Once Again, Docker Addresses API Vulnerability That Can Bypass Auth Plugins
Summary A significant vulnerability, CVE-2024-41110, was recently discovered in Docker Engine version 18.09.1. Although the issue was identified and fixed in 2019, the patch was not applied to other major versions, resulting in a regression. The vulnerability was assigned a CVSS score of 10 (critical)...
Backdoor attack
What is a backdoor? A "backdoor" is a technique used to bypass the usual authentication on a system, product or device. Software developers often use such access paths to enter programs or systems and carry out adjustments or updates...
Automated Fingerprint Identification System – AFIS
History of the automated fingerprint identification system Without doubt, the Automated Fingerprint Identification System, usually abbreviated as AFIS, has played a crucial role in strengthening security and in the effectiveness of judicial procedures...
Auto-scaling
What is auto-scaling? Auto-Scaling, or Dynamic Scaling, is a revolutionary and effective strategy for adjusting computing resources in line with fluctuations in current demand. By guaranteeing the availability of computing resources...
How Can Deliberately Flawed APIs Help In Mastering API Security?
In our recent webinar titled 'A CISO’s Checklist for Securing APIs and Applications', we delved into the concept of creating an API security playground tailored for both developer and security teams. The core idea revolves around utilizing intentionally vulnerable APIs as training...
Two of Wallarm’s Open-source Tools Have Been Accepted into Black Hat Arsenal 2024
We're gearing up with some seriously cool stuff for Black Hat! But first, a little sneak peek - not just one, but TWO of Wallarm's open-source tools will be featured in the Arsenal showcase at Black Hat USA this year. Black Hat Arsenal unites researchers and the open-source community to display...
Polyfill.io Supply Chain Attack: Malicious JavaScript Injection Puts Over 100k Websites At Risk
Polyfill.io helps web developers achieve cross-browser compatibility by automatically managing necessary polyfills. By adding a script tag to their HTML, developers can ensure that features like JavaScript functions, HTML5 elements, and various APIs work across different browsers. Originally...
CVE-2024-6387: New OpenSSH RegreSSHion Vulnerability Gives Hackers Root Access on Linux Servers – 700,000+ Linux Boxes Potentially at Risk
Labeled as CVE-2024-6387, the recently discovered vulnerability in OpenSSH has become a serious cause for concern among Linux servers. OpenSSH is a collection of networking tools built on the Secure Shell (SSH) protocol. It is widely utilized to secure remote logins, manage and administer remote...
CVE-2024-5655: Latest GitLab API Vulnerability Threatens Customer Data Exposure
A security flaw that impacts specific versions of GitLab's Community and Enterprise Edition products was just detected. This vulnerability can be exploited to execute pipelines under any user's credentials. GitLab is a web-based DevOps platform offering tools for software development, version...
CVE-2024-36680: SQL Injection Vulnerability in Facebook’s PrestaShop Module Exposes Thousands of E-commerce Sites to Credit Card Fraud
SQL Injection Exposure in Promokit.eu Threatens Facebook's PrestaShop Customers PrestaShop is a free, open-source E-commerce platform launched in 2007. Built with PHP and MySQL, it offers customizable, scalable solutions for online stores. Features include product management, inventory tracking,...
CVE-2024-3080: ASUS warns Customers about the latest Authentication Bypass Vulnerability detected Across seven Router Models
ASUS announces major Firmware Update ASUS recently issued a firmware update to resolve a critical security vulnerability affecting seven different variants of its router models. Identified as CVE-2024-3080 with a CVSS v3 severity score of 9.8 (critical), the vulnerability permits remote attackers t...
PCI DSS v4.0: What You Need to Know and What the End of v3.2.1 Means for the Future of Digital Payments
On March 31st, 2024, the Payment Card Industry Security Standards Council (PCI SSC) officially retired version 3.2.1 of the PCI Data Security Standard (PCI DSS) with the publication of its new set of protocols and security standards for v4.0. With the continued rise in cyber threats against financi...
Zero-Day Marketplace Explained: How Zerodium, BugTraq, and Fear contributed to the Rise of the Zero-Day Vulnerability Black Market
Whenever a company is notified about or discovers a critical flaw in their system/application that has the potential to be exploited by malicious elements, it’s termed a vulnerability. However, every time a flaw being actively exploited is discovered, code red is punched as the organization’s IT...
CVE-2024-29849: Veeam discloses Critical Vulnerability that allows attackers to bypass user authentication on its Backup Enterprise Manager web interface
On May 21, 2024, Veeam revealed a severe flaw in its Veeam Backup Enterprise Manager (VBEM) web interface that enables an unauthenticated attacker to log into the web interface as any user. Officially designated as CVE-2024-29849, the vulnerability presents a major threat with a CVSS V3 rating ...
CVE-2024-24919: Check Point’s Quantum Gateway comes under Attack as Hackers exploit Zero-Day Vulnerability
Active Exploits target Check Point Security Gateway Zero-Day Information Disclosure flaw Check Point Cybersecurity has issued hotfixes to address a zero-day vulnerability in its VPNs that has been exploited to gain remote access to firewalls and potentially infiltrate corporate networks. On...
Vulnerabilities in BIG-IP Next Central Manager allows control of managed devices
Introduction In May 2024, new vulnerabilities were identified in BIG-IP Next Central Manager, raising considerable security concerns. This discovery follows closely on the heels of a critical vulnerability revealed in April within Palo Alto's firewalls with the GlobalProtect feature enabled, whi...
Dell Data Breach: Personal Information of 49 Million Customers Compromised due to latest API Abuse
Dell recently issued a notice regarding a data breach that occurred on May 9, which has reportedly affected over 49 million customers across the globe. According to a report by BleepingComputer, Dell initiated the distribution of notifications cautioning its customers that their personally...
Best API Security Product: Wallarm wins 2024 Cybersecurity Excellence Award
We are thrilled to announce that Wallarm has clinched the sought-after 2024 Cybersecurity Excellence Award, under the category Best API Security Product. Our unwavering commitment to pioneering solutions that safeguard digital ecosystems, and fortify API security amidst the evolving cyber threat...
Tracking CVE-2024-2876: Why does the latest WordPress exploit compromise over 90,000 websites?
A highly concerning security loophole was recently discovered in a WordPress plugin called "Email Subscribers by Icegram Express," a popular tool used by a vast network of over 90,000 websites. Officially designated as CVE-2024-2876 with a CVSS score of 9.8 (critical), the vulnerability...
Introducing the Wallarm Q1 2024 API ThreatStats™ Report
As we have in previous editions of the ThreatStats report, we highlight the industry’s top API-related attacks and trends. New to this version, however, is a detailed analysis of API attacks targeting AI-based applications, representing a new and rapidly expanding threat vector. And while we...
Wallarm’s Open Source API Firewall debuts at Blackhat Asia 2024 – Introduces Key New Features & Functionalities
Wallarm introduced its ongoing Open Source API Firewall project to the world at the recently concluded Blackhat Asia 2024 conference in Singapore. The open-source API Firewall by Wallarm is a free, lightweight API Firewall designed to protect REST and GraphQL API endpoints across cloud-native...
How to track and stop CVE-2024-3400: Palo Alto Networks API Exploit Causing Critical Infrastructure and Enterprise Epidemics
On Friday April 12, Palo Alto disclosed that some versions of PAN-OS are not only vulnerable to remote code execution, but that the vulnerability has been actively exploited to install backdoors on Palo Alto firewalls. A patch is expected to be available on April 14th. The advisory from Palo Alto...
Top 3 API Leaks Identified by Cybersecurity & InfoSec Experts
APIs (Application Programming Interfaces) have proliferated widely, which increases their susceptibility to various vulnerabilities. In the realm of web applications, prime examples that stand out are SOAP (Simple Object Access Protocol) and REST (Representational State Transfer) APIs. Due to their...
Spoutible Enhances Platform Security through Partnership with Wallarm
Spoutible, the rapidly growing social media platform known for its commitment to fostering a safe, inclusive, and respectful online community, has taken a significant step forward in its mission to ensure user safety, security and data integrity. Recognizing the critical importance of robust API...
Top 4 Industries at Risk of Credential Stuffing and Account Takeover (ATO) attacks
All industries are at risk of credential stuffing and account takeover (ATO) attacks. However, some industries are at a greater risk because of the sensitive information or volume of customer data they possess. While cyber-attacks come in all forms and techniques, credential stuffing involves an...
Top 6 Data Breaches That Cost Millions
“If you put a key under the mat for the cops, a burglar can find it, too. Criminals are using every technology tool at their disposal to hack into people’s accounts. If they know there’s a key hidden somewhere, they won’t stop until they find it.” - Tim Cook, CEO of Apple Inc. The entire digital...
Test and evaluate your WAF before hackers
Since 1991, the Web Application Firewall, commonly referred to as WAF, has become one of the most common application security technologies available on the market. Since the last century, WAFs have evolved by incorporating the cloud and using Machine Learning instead of RegExp. Currently, few...
Top 4 Essential Strategies for Securing APIs To Block Compromised Tokens
Government bodies are clamping down heavily on institutions and organizations that handle sensitive customer data. For APIs, tokens are used to authenticate users. We live in an era dominated by cloud-native and cloud-first solutions that rely on these services to provide dynamic data storage...
Improving Security with Wallarm’s NIST CSF 2.0 Dashboard
Ensuring the security of web applications and APIs is more critical than ever. With threats becoming increasingly prevalent and sophisticated, organizations need to employ comprehensive security measures to protect their digital assets. The NIST Cybersecurity Framework (CSF) 2.0 stands at the...
avro vs protobuf
A Kickoff Discussion on Core Aspects of Avro & Protobuf When deliberating on the subject of data structure encoding, a tandem of tools frequently emerges in technical discussions: Avro and Protobuf. Originating from a vision of precise data compression, the distinguishable features and applicatio...
Digital Experience Monitoring | What Is DEM?
Introduction to Digital Experience Monitoring: Illuminating the Basics In an era governed by technology, the satisfaction of an end-user is of utmost importance. It has the power to stimulate or to halt business growth, and frequently determines if a client continues or discontinues their...
Directory Traversal: Examples, Testing, and Prevention
Understanding Path Traversal: An Exhaustive Exploration and Insight Path traversal, often referred to as directory traversal, is a type of security weakness that allows unauthorized individuals to gain access to specific files held on a server...
How to comply with GDPR requirements
Understanding the Basics of GDPR Compliance Within the sphere of cybersecurity, significant strides were made as the European Union (EU) introduced an innovative legislative tool called the General Data Protection Regulation (GDPR), unveiled on May 25, 2018. This regulation highlights the EU's unifie...
Blocking Compromised Tokens with Wallarm
In our Annual API ThreatStats report, we highlighted the increasing threat of API Leaks. An API Leak is the disclosure of sensitive API information, such as a token, credential, or private schema. These leaks can occur directly via the API itself, but also via third party tools used to manage...
Wallarm’s Crusade Against Rising Credential Stuffing Threats
Credential Stuffing, a vital yet often overlooked aspect of cybersecurity, needs to be addressed with urgency. An alarmingly large segment of the population engages in the risky habit of using the same password for various accounts. This behavior parallels the risk of using a universal key for...
How to Implement a Secure Incident Response Plan
Understanding the Basics of a Secure Incident Response Plan A proactive strategy for coping with digital dangers calls for a well-planned process that can neutralize and diminish the harmful aftermath of unauthorized intrusion attempts and neglect of security principles. The primary aim of this...