Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Features

By Anastasios Arampatzis, Cybersecurity Content Creator at Bora  In today’s digital age, APIs have become the backbone of software communication. They are the unsung heroes that enable our apps to interact seamlessly, creating a symphony of data exchange that powers everything from social media platforms to   show more ...

financial services. However, as crucial as they are, APIs also represent a significant security risk. Salt’s State of API Security Report Q1:2023 reveals that APIs have become a prime target for attackers. Within six months, unique attackers have grown by 400%. Despite this alarming statistic, 30% of respondents admitted to having no API security strategy in place. With the rise of cyber threats, understanding and mitigating API security risks is not just an option; it’s a necessity. In this blog, we’ll embark on a journey through the labyrinth of API security. We’ll uncover the top risks that lurk in the shadows and arm you with the knowledge to defend against them. So, let’s dive in and turn these potential pitfalls into stepping stones for building more robust systems. Unearthing the API Security Risks The Open Web Application Security Project (OWASP) released its first API Security Top 10 list of vulnerabilities in 2019 to help the API security industry better understand the most common API attacks. An updated list was released in 2023, which includes the ten most significant API vulnerabilities. Among these, the most common vulnerabilities are: Broken Object Level Authorization (BOLA) Imagine you have a vault where each customer’s valuables are stored in separate boxes. Now, what if, due to a security flaw, a customer could access not just their box but everyone else’s? This is what happens with Broken Object Level Authorization (BOLA) in the world of APIs. BOLA is the most common and critical security risk, where APIs fail to adequately secure objects when clients request them. This can lead to unauthorized access and data breaches, compromising user data. Broken User Authentication User authentication is like the front door to your API’s house. If the lock on this door is weak, attackers can easily break in. Broken User Authentication happens when APIs are not strict enough in verifying the identity of their users. This lax security can lead to unauthorized access to sensitive data and functions, making it a prime target for attackers. Excessive Data Exposure APIs are designed to share data, but what if they share too much? Excessive data exposure occurs when an API exposes more data than is necessary for its intended function. For example, an API meant to display user profiles in an app might inadvertently reveal sensitive information like addresses or payment details. This oversharing not only violates user privacy but also becomes a goldmine for attackers. Lack of Resource and Rate Limiting Without proper resource and rate limiting, an API is like an all-you-can-eat buffet. This can lead to system overload, where too many requests deplete the system’s resources. Attackers can exploit this by launching DDoS attacks, rendering the API and, by extension, the application, unusable for legitimate users. Injection Flaws Injection flaws are like tricking a guard into unlocking a door. They occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data tricks the interpreter into executing unintended commands or accessing unauthorized data. Common injection flaws include SQL, NoSQL, and Command Injection, each capable of inflicting serious damage. Fortifying Your Defenses APIs are challenging to protect. Traditional solutions can’t handle the complexities of the API ecosystem. Attackers know this, which is why they focus on APIs. The following best practices can help you improve your API security posture: Implement Proper Authentication and Authorization Just like having a reliable security system in your home, implementing robust authentication and authorization is vital. It’s essential to use strong, industry-standard protocols like OAuth 2.0 and OpenID Connect. Implement multi-factor authentication for added security and ensure that tokens and credentials are stored and transmitted securely. Remember, a lock is only as strong as its key management. Data Encryption and Protection Protecting data is akin to safeguarding the crown jewels. Always encrypt sensitive data, both in transit (using TLS) and at rest. Employ best practices like using strong encryption algorithms and regularly updating your encryption keys. It’s not just about keeping the data safe, but also ensuring that even if someone gets their hands on it, it remains an indecipherable puzzle. Throttling and Rate Limiting Imagine a highway with no speed limits or traffic lights — chaos, right? That’s what an API without throttling and rate limiting looks like. Implementing these controls helps prevent abusive patterns or brute force attacks. Set practical limits on how often your API can be called to maintain availability and service integrity. Input and Output Validation This is about ensuring that what goes in and out of your API is exactly what should. Input validation helps in filtering out harmful data that might lead to injection attacks. Similarly, output validation ensures that your API doesn’t reveal more than it should. Think of it as having a bouncer for data — only letting in and out what’s appropriate. Regular Security Audits and Penetration Testing Staying ahead of potential threats is key. Regularly conducting security audits and penetration testing on your APIs can uncover vulnerabilities before attackers can exploit them. Think of these as routine health check-ups for your API, ensuring it’s in top shape to face any security challenges. Automate API Security The best protection for APIs is the use of automated security tools with API security in mind. In the world of API security, automated tools are like having a 24/7 security guard. Tools such as static and dynamic application security testing (SAST/DAST) solutions can automatically detect vulnerabilities in your API code and runtime environment. Implementing these tools helps in maintaining a continuous check on your API’s security posture. However, having extra assistance is always welcomed. Leveraging artificial intelligence for anomaly detection can be a game-changer. AI algorithms can analyze patterns in API traffic and identify anomalies that could indicate a security breach. This is like having a highly intelligent detective constantly looking for clues of any misbehavior in your API traffic. Preparing for the Worst: Incident Response Even the best defenses may sometimes be breached. This is where a solid incident response plan comes into play. It’s like having a fire escape plan in a building; you hope never to use it, but it’s vital for safety. Your plan should outline clear steps to be taken in the event of a breach, including identifying the breach, containing the damage, eradicating the threat, recovering systems, and notifying affected parties. As the API security landscape is constantly evolving, continuous monitoring of your ecosystem is crucial for early detection of any suspicious activities. Learning from past incidents, staying updated with the latest security trends, and adapting your defenses accordingly is not just a strategy; it’s necessary in today’s fast-paced digital world. Conclusion API security is not a one-time fix but a continuous process of improvement and adaptation. By doing so, you not only protect your systems but also build trust with your users – a priceless asset in the digital world. As we conclude, I invite you to take a moment to reflect on your current API security measures. Are there areas you can improve? Have you overlooked any potential vulnerabilities? Use this blog as a starting point to assess and enhance your API security posture. Disclaimer: The views and opinions expressed in this guest post are solely those of the author(s) and do not necessarily reflect the official policy or position of The Cyber Express. Any content provided by the author is of their opinion and is not intended to malign any religion, ethnic group, club, organization, company, individual, or anyone or anything. 

 Cyber Security News

Source: www.darkreading.com – Author: Source: Kaspars Grinvalds via Adobe Stock While using artificial intelligence (AI) for enterprise defense and against adversaries, who are also harnessing the technology’s power, was front and center for law enforcement officials and security leaders at last   show more ...

week’s International Conference on Cyber Security at Fordham University, it is not the only […] La entrada AI Gives Defenders the Advantage in Enterprise Defense – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.troyhunt.com – Author: Troy Hunt They’re an odd thing, credential lists. Whether they’re from a stealer as in this week’s Naz.API incident, or just aggregated from multiple data breaches (which is also in Naz.API), I inevitably get some backlash after loading them: “this   show more ...

doesn’t tell me anything useful, why are you loading this?!” The […] La entrada Weekly Update 383 – Source: www.troyhunt.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Marc Handelman Authors/Presenters: Vivek Nair, Wenbo Guo, Justus Mattern, Rui Wang, James F. O’Brien, Louis Rosenberg, Dawn Song Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment   show more ...

to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via […] La entrada USENIX Security ’23 – Unique Identification of 50,000+ Virtual Reality Users from Head & Hand Motion Data – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Bitcoin

Source: securityboulevard.com – Author: Gary Warner The Crypto Launderers: Crime and Cryptocurrencies from the Dark Web to DeFi and Beyond – by David Carlisle    I wish I had a way to review this book without having first read last year’s “Tracers in the Dark.” While Tracers talked about the people   show more ...

involved in investigating various […] La entrada Book Review: The Crypto Launderers: Crime and CryptoCurrencies – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Avast Blog I consider myself pretty savvy when it comes to protecting my personal data. But last year I nearly fell for a phone scam from someone purporting to be an IRS agent. In my own defense, it was an impressively creative scam. It was also a reminder that there is   show more ...

[…] La entrada Your data is under siege. Here’s how to win the war. – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Lila Joy Ginsberg Pass-The-Cookie (PTC), also known as token compromise, is a common attack technique employed by threat actors in SaaS environments.  In the past, Obsidian’s Threat Research team noted a pattern where most PTC attacks focused on stealing the identity   show more ...

provider (IdP) primary authentication cookie. However, there has since been […] La entrada Behind the Breach: Pass-The-Cookie Beyond IdPs – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Analytics & Intelligence

Source: securityboulevard.com – Author: Lila Joy Ginsberg In a world of evolving SaaS security threats, organizations require advanced threat detection and response capabilities. Obsidian’s integration with Splunk provides just that–empowering security teams to effectively address SaaS security threats.   show more ...

Splunk Integration: What You Need to Know Obsidian offers an application that seamlessly integrates with Splunk Enterprise […] La entrada Unlock SaaS Security Intelligence with Splunk and Obsidian – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Cole Grolmus Quick, how many publicly traded cybersecurity companies are there? Take a guess. I’ll wait. … Struggling to come up with an answer? If you took a shot, how confident are you that you’re right? If you’re feeling a little bit rattled right now,   show more ...

don’t worry. The answer is wayyyyyy […] La entrada Demystifying Cybersecurity’s Public Companies – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Consumer Security

Source: securityboulevard.com – Author: Branden Williams Breaches are never ending, and if you have not already put freezes on your credit reports, make a late New Year’s resolution and do it now. There are a couple of steps you will need to take for each of the four bureaus (yes four). Credit Cards, by   show more ...

Andres […] La entrada Protect Yourself and Freeze Your Credit – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Admin

Source: www.databreachtoday.com – Author: 1 Cryptocurrency Fraud , Cybercrime , Fraud Management & Cybercrime ‘Pompompurin’ Sentenced to Supervised Release, Banned From Internet for 1 Year Prajeet Nair (@prajeetspeaks) • January 20, 2024     A federal judge sentenced   show more ...

“Pompompurin,” the administrator of a now-defunct data breach marketplace, to 20 years of supervised release. The Peekskill, […] La entrada BreachForums Admin Avoids Prison Term – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Computing Giant Says Hackers Did Not Access Customer Data or Production Systems David Perera (@daveperera) • January 19, 2024     Microsoft on Friday disclosed a hacking incident instigated   show more ...

by Russian state hackers. (Image: Shutterstock) Russian state hackers obtained access to […] La entrada Microsoft: Russian Hackers Had Access to Executives’ Emails – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Admin

Source: www.govinfosecurity.com – Author: 1 Cryptocurrency Fraud , Cybercrime , Fraud Management & Cybercrime ‘Pompompurin’ Sentenced to Supervised Release, Banned From Internet for 1 Year Prajeet Nair (@prajeetspeaks) • January 20, 2024     A federal judge sentenced   show more ...

“Pompompurin,” the administrator of a now-defunct data breach marketplace, to 20 years of supervised release. The Peekskill, […] La entrada BreachForums Admin Avoids Prison Term – Source: www.govinfosecurity.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.govinfosecurity.com – Author: 1 Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Computing Giant Says Hackers Did Not Access Customer Data or Production Systems David Perera (@daveperera) • January 19, 2024     Microsoft on Friday disclosed a hacking incident instigated   show more ...

by Russian state hackers. (Image: Shutterstock) Russian state hackers obtained access to […] La entrada Microsoft: Russian Hackers Had Access to Executives’ Emails – Source: www.govinfosecurity.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION  |  Admin of the BreachForums hacking forum sentenced to 20 years supervised release  |  VF Corp December data breach impacts 35 million customers   show more ...

 |  China-linked APT UNC3886 exploits VMware zero-day since 2021  |  Ransomware attacks break records in […] La entrada Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 BreachForums

Source: securityaffairs.com – Author: Pierluigi Paganini Admin of the BreachForums hacking forum sentenced to 20 years supervised release Conor Brian Fitzpatrick, the admin of the BreachForums hacking forum, has been sentenced to 20 years supervised release. Conor Brian Fitzpatrick, the admin of the   show more ...

BreachForums hacking forum, was sentenced to 20 years of supervised release. In […] La entrada Admin of the BreachForums hacking forum sentenced to 20 years supervised release – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 APT

Source: securityaffairs.com – Author: Pierluigi Paganini Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails Microsoft revealed that the Russia-linked APT Midnight Blizzard has compromised some of its corporate email accounts.  Microsoft warned that some of its corporate email accounts were   show more ...

compromised by a Russia-linked cyberespionage group known as Midnight Blizzard. Microsoft notified law enforcement and relevant […] La entrada Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

2024-01
Aggregator history
Sunday, January 21
MON
TUE
WED
THU
FRI
SAT
SUN
JanuaryFebruaryMarch