#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

API Security | Breaking Cybersecurity News | The Hacker News

Category — API Security
27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts

27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts

Nov 17, 2023 Software Supply Chain / API Security
An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain. The 27 packages, which masqueraded as popular legitimate Python libraries, attracted thousands of downloads, Checkmarx said in a new report. A majority of the downloads originated from the U.S., China, France, Hong Kong, Germany, Russia, Ireland, Singapore, the U.K., and Japan. "A defining characteristic of this attack was the utilization of steganography to hide a malicious payload within an innocent-looking image file, which increased the stealthiness of the attack," the software supply chain security firm  said . Some of the packages are pyefflorer, pyminor, pyowler, pystallerer, pystob, and pywool, the last of which was planted on May 13, 2023. A common denominator to these packages is t
Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers

Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers

Nov 10, 2023 Cyber Attack / Threat Intelligence
Cybersecurity researchers have discovered a stealthy backdoor named  Effluence  that's deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. "The malware acts as a persistent backdoor and is not remediated by applying patches to Confluence," Aon's Stroz Friedberg Incident Response Services  said  in an analysis published earlier this week. "The backdoor provides capability for lateral movement to other network resources in addition to exfiltration of data from Confluence. Importantly, attackers can access the backdoor remotely without authenticating to Confluence." The attack chain documented by the cybersecurity entity entailed the exploitation of  CVE-2023-22515  (CVSS score: 10.0), a critical bug in Atlassian that could be abused to create unauthorized Confluence administrator accounts and access Confluence servers. Atlassian has since disclosed a second flaw known as  CV
How to Get Going with CTEM When You Don't Know Where to Start

How to Get Going with CTEM When You Don't Know Where to Start

Oct 04, 2024Vulnerability Management / Security Posture
Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of these stages plays a crucial role in identifying, addressing, and mitigating vulnerabilities - before they can be exploited by attackers.  On paper, CTEM sounds great . But where the rubber meets the road – especially for CTEM neophytes - implementing CTEM can seem overwhelming. The process of putting CTEM principles into practice can look prohibitively complex at first. However, with the right tools and a clear understanding of each stage, CTEM can be an effective method for strengthening your organization's security posture.  That's why I've put together a step-by-step guide on which tools to use for which stage. Want to learn more? Read on… Stage 1: Scoping  When you're defin
Make API Management Less Scary for Your Organization

Make API Management Less Scary for Your Organization

Oct 24, 2023 API Management / Cybersecurity
While application development has evolved rapidly, the API management suites used to access these services remain a spooky reminder of a different era. Introducing new API management infrastructure with these legacy models still poses challenges for organizations as they modernize. Transitioning from monolithic architectures to agile microservices empowers developers to make quick changes. Using serverless technologies and containers enables rapid scalability. Adopting cloud-native API management further enhances developer productivity and leaves the ghosts of outdated operations behind. This blog uncovers the risks of neglecting API modernization and highlights how Gloo Gateway enhances upstream projects like Envoy with essential enterprise features like security, observability, and API controls. What's more, as a Kubernetes-native solution, Gloo Gateway seamlessly integrates with the Kubernetes API for easy deployment. Gloo Gateway adds enterprise capabilities to upstream open sou
cyber security

The State of SaaS Security 2024 Report

websiteAppOmniSaaS Security / Data Security
Learn the latest SaaS security trends and discover how to boost your cyber resilience. Get your free…
API Security Trends 2023 – Have Organizations Improved their Security Posture?

API Security Trends 2023 – Have Organizations Improved their Security Posture?

Oct 03, 2023 API Security / Data Security
APIs, also known as application programming interfaces, serve as the backbone of modern software applications, enabling seamless communication and data exchange between different systems and platforms. They provide developers with an interface to interact with external services, allowing them to integrate various functionalities into their own applications. However, this increased reliance on APIs has also made them attractive targets for cybercriminals. In recent years, the rise of API breaches has become a growing concern in the world of cybersecurity. One of the main reasons behind the rise of API breaches is inadequate security measures implemented by developers and organizations. Many APIs are not properly secured, leaving them vulnerable to attacks. Moreover, hackers have developed sophisticated techniques that specifically target weaknesses within APIs. For example, they may leverage malicious code injections into requests or manipulate responses from an API endpoint to gain
APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries

APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries

Oct 02, 2023 API Security / Penetration Testing
Introduction In today's interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role in enabling seamless communication and data exchange between various software applications and systems. APIs act as bridges, facilitating the sharing of information and functionalities. However, as the use of APIs continues to rise, they have become an increasingly attractive target for cybercriminals and a significant cybersecurity risk across various industries. This article dives into the world of APIs, exploring why they pose substantial cybersecurity challenges and providing real-world examples of API breaches across different sectors. Download  API Security Guide . The API Revolution The proliferation of cloud computing, mobile apps, and the Internet of Things (IoT) has accelerated the adoption of APIs. They serve as the building blocks of modern software applications, enabling developers to integrate third-party services, enhance functionalities, and c
How to Prevent API Breaches: A Guide to Robust Security

How to Prevent API Breaches: A Guide to Robust Security

Sep 11, 2023 Data Security / API Security
With the growing reliance on web applications and digital platforms, the use of application programming interfaces (APIs) has become increasingly popular. If you aren't familiar with the term, APIs allow applications to communicate with each other and they play a vital role in modern software development. However, the rise of API use has also led to an increase in the number of API breaches. These breaches occur when unauthorized individuals or systems gain access to an API and the data it contains. And as victims can attest, breaches can have devastating consequences for both businesses and individuals. One of the primary concerns with API breaches is the exposure of sensitive data. APIs often contain or provide access to personal or financial information, and if this data falls into the wrong hands, it can be used for fraudulent activities or identity theft. API breaches can also lead to severe reputational damage for businesses. Customers and stakeholders expect their informatio
Webinar - Mastering API Security: Understanding Your True Attack Surface

Webinar - Mastering API Security: Understanding Your True Attack Surface

Jun 13, 2023 API Security / Webinar
Believe it or not, your attack surface is expanding faster than you realize. How? APIs, of course! More formally known as application programming interfaces, API calls are growing twice as fast as HTML traffic, making APIs an ideal candidate for new security solutions aimed at protecting customer data, according to Cloudflare. According to the "Quantifying the Cost of API Insecurity" report, US businesses incurred upwards of $23 billion in losses from API-related breaches in 2022. In fact, 76% of cybersecurity professionals admitted to experiencing an API-related security incident. This is why you can't afford to ignore your API security posture , especially when you consider that APIs don't exist in a vacuum. The infrastructure components powering those critical APIs can suffer from security misconfigurations as well, leaving you open to unexpected breaches. However, this isn't something you or your AppSec teams can take on alone, both in terms of volume and
How to Improve Your API Security Posture

How to Improve Your API Security Posture

Jun 08, 2023 API Security / DevSecOps
APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this level of connectivity doesn't come without major risks. Hackers can exploit vulnerabilities in APIs to gain unauthorized access to sensitive data or even take control of the entire system. Therefore, it's essential to have a robust API security posture to protect your organization from potential threats. What is API posture management? API posture management refers to the process of monitoring and managing the security posture of your APIs. It involves identifying potential vulnerabilities and misconfigurations that could be exploited by attackers, and taking the necessary steps to remediate them. Posture management also helps organizations classify sensitive data and ensure that it's compliant with the leading data compliance regulations such as GDPR, HIPAA, and PCI DSS.  As mentioned above, APIs are a popular target for attackers
Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

May 27, 2023 API Security / Vulnerability
A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier  CVE-2023-28131 , has a severity rating of 9.6 on the CVSS scoring system. API security firm Salt Labs  said  the issue rendered services using the framework susceptible to credential leakage, which could then be used to hijack accounts and siphon sensitive data. Under certain circumstances, a threat actor could have taken advantage of the flaw to perform arbitrary actions on behalf of a compromised user on various platforms such as Facebook, Google, or Twitter. Expo, similar to Electron, is an open source platform for developing universal native apps that run on Android, iOS, and the web. It's worth noting that for the attack to be successful, sites and applications using Expo should have configured the AuthSession Proxy setting for single sign-on (SSO) using a third-party provider
Are Your APIs Leaking Sensitive Data?

Are Your APIs Leaking Sensitive Data?

May 22, 2023 API Security / Cybersecurity
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They can cause serious damage to an organization's reputation, induce considerable financial losses, and even have serious legal repercussions. From the infamous Cambridge Analytica scandal to the Equifax data breach, there have been some pretty high-profile leaks resulting in massive consequences for the world's biggest brands. Breaches can also have a huge impact on individuals as well – ultimately leading to the loss of personal information, such as passwords or credit card details, which could be used by criminals for malicious purposes. Most notably victims are left vulnerable to identity theft or financial fraud.  When you think about the sheer volume of these leaks, one would imagine that the world would stop and focus on the attack vector(s) being exploited. The unfortunate reality is the world didn't stop. To make things more interesting, the most
Why Shadow APIs are More Dangerous than You Think

Why Shadow APIs are More Dangerous than You Think

Apr 13, 2023 API Security / Cyber Security
Shadow APIs are a growing risk for organizations of all sizes as they can mask malicious behavior and induce substantial data loss. For those that aren't familiar with the term, shadow APIs are a type of application programming interface (API) that isn't officially documented or supported.  Contrary to popular belief, it's unfortunately all too common to have APIs in production that no one on your operations or security teams knows about. Enterprises manage thousands of APIs, many of which are not routed through a proxy such as an API gateway or web application firewall. This means they aren't monitored, are rarely audited, and are most vulnerable.  Since they aren't visible to security teams, shadow APIs provide hackers with a defenseless path to exploit vulnerabilities. These APIs can potentially be manipulated by malicious actors to gain access to a range of sensitive information, from customer addresses to company financial records. Considering the potential
Expert Insights / Articles Videos
Cybersecurity Resources