PortSwigger Scores Hefty $112 Million Investment

July 1, 2024 at 02:48PM PortSwigger, the UK company behind Burp Suite software, secures a significant $112 million investment from Brighton Park Capital, marking its first external funding since 2008. With 20,000 clients, including major companies such as Microsoft and Amazon, PortSwigger’s products automate security testing for web applications and APIs, enhancing attack surface visibility …

Google to crack down on third-party YouTube apps that block ads

April 16, 2024 at 02:02PM YouTube has announced that third-party apps blocking ads during video playback violate its Terms of Service. Apps using YouTube APIs to block ads may soon be blocked from developer APIs, and YouTube warns that users may experience extended buffering or errors when loading videos. YouTube emphasized protecting creators’ revenue and suggests ad-free viewing …

Managing the hidden risks of shadow APIs

February 1, 2024 at 10:07PM APIs are critical in the digital economy but can pose data security risks due to their proliferation. Shadow APIs and lack of visibility exacerbate these challenges. F5’s solution emphasizes inventory management, discovery, validation, and comprehensive visibility. Utilizing AI and ML, it offers intelligent risk mitigation and assists in unified management …

Apple Warns iPhone Sideloading Changes Will Increase Cyber Threats

January 30, 2024 at 05:02PM Apple is modifying iOS, Safari, and the App Store to adhere to the EU’s Digital Markets Act. The changes will enable support for third-party app stores, non-Apple payment options, and alternative web browsers. This includes over 600 new APIs. However, Apple warns of increased risks such as malware and fraud …

Pharmacy provider Truepill data breach hits 2.3 million customers

November 14, 2023 at 12:40PM Truepill, a B2B pharmacy platform, has notified individuals of a data breach in which threat actors accessed sensitive personal information. The breach affects 2,364,359 people and includes data such as full names, medication types, demographic information, and names of prescribing physicians. Social Security numbers were not exposed. Multiple class action …

Keep Your Organization’s APIs Protected This Holiday Season

November 6, 2023 at 03:05AM APIs are increasingly prevalent in today’s Internet-connected world, enabling devices and applications to exchange information and improve user experiences. However, as API usage increases, security implications arise. Attackers are becoming more sophisticated in targeting payment APIs, with traditional protection techniques proving ineffective. With the holiday season approaching, e-commerce platforms face …

Sky’s the Limit, but What About API Security? Challenges in the Cloud-First Era

November 6, 2023 at 03:05AM The text discusses the importance of APIs in the digital landscape and their role in driving cloud-based solutions. It highlights the need for comprehensive API security strategies due to the vulnerabilities and risks associated with APIs. The text also provides recommendations for securely embracing the future of cloud computing. Richard …

How State and Local Governments Can Serve Citizens More Securely

October 23, 2023 at 03:19PM The US National Association of State Chief Information Officers (NASCIO) released its 2023 State CIO Top Ten Policy and Technology Priorities. The priorities include cybersecurity and risk management, digital government and services, workforce training, legacy modernization, identity and access management, cloud services, consolidation and optimization, data and information management, broadband …

Fraud Prevention Firm Fingerprint Raises $33 Million

October 18, 2023 at 08:48AM Fraud prevention provider Fingerprint has raised $33 million in a Series C funding round, bringing its total funding to $77 million. The Chicago-based company offers a device identification platform-as-a-service that helps organizations identify fraudsters while providing a seamless experience for legitimate users. Their device fingerprinting technology and flexible APIs enable …

How to Scan Your Environment for Vulnerable Versions of Curl

October 12, 2023 at 09:59AM The recently fixed vulnerabilities in the command-line tool curl and the libcurl library require security teams to identify and remediate impacted systems. The vulnerabilities can only be exploited under specific conditions. Organizations should scan their environment using software analysis tools to assess which systems are using curl and libcurl. Additionally, …