Millions of Kia Vehicles Open to Remote Hacks via License Plate

September 27, 2024 at 04:13PM Millions of Kia vehicles had a flaw that allowed attackers to remotely control them using license plate information. Researchers found this vulnerability in Kia, Honda, Infiniti, Nissan, Acura, BMW, Mercedes, and other vehicles. This highlights ongoing concerns over the cybersecurity of connected vehicles and the need for stronger authentication and … Read more

Millions of Kia Cars Were Vulnerable to Remote Hacking: Researchers

September 27, 2024 at 07:03AM Security researcher Sam Curry discovered vulnerabilities in a Kia owners’ website that could have enabled attackers to remotely control millions of cars. The issues allowed for harvesting personal information and creating a second user account without the owner’s knowledge. Kia acknowledged the flaws in June 2024 and implemented a fix … Read more

The API Security Crisis: Why Your Company Could Be Next

August 7, 2024 at 10:08AM API security is a critical concern as companies face evolving and increasingly dangerous threats. The rapid proliferation of poorly secured APIs makes organizations vulnerable to significant breaches. To address this, companies must catalog their APIs, adopt a zero-trust approach, and implement robust security measures, as well as prioritize ongoing monitoring … Read more

Verizon Subsidiary Settles With FCC for $16M Over Three Data Breaches

July 24, 2024 at 08:39AM Telecommunications provider TracFone Wireless has agreed to a $16 million civil penalty to settle investigations into three data breaches involving the compromise of customer information. The breaches, occurring between Jan 2021 and Jan 2023, exploited APIs and led to unauthorized access to customer information. TracFone will implement an information security … Read more

Verizon to pay $16 million in TracFone data breach settlement

July 23, 2024 at 12:35PM Verizon Communications has settled a $16 million agreement with the FCC over three data breaches at its subsidiary, TracFone Wireless, after its 2021 acquisition. The breaches involved unauthorized access and exposed customer data. As part of the settlement, Verizon must enhance data security measures, including API vulnerability reduction, SIM change … Read more

Cyber Insights 2024: APIs – A Clear, Present, and Future Danger

February 28, 2024 at 10:51AM The annual Cyber Insights series by SecurityWeek discusses pressing cybersecurity issues. The 2024 edition addresses the evolving role of CISOs, the dilemma of API security, and the expanding attack surface. It includes perspectives from industry experts and highlights the growing need for proactive security measures. The threats to APIs are … Read more

How Continuous Pen Testing Protects Web Apps from Emerging Threats

November 29, 2023 at 10:50AM The increasing reliance on web-based apps for various tasks makes them prime targets for hackers due to multiple dependencies, valuable data storage, and insecure APIs. Successful breaches can cause data loss, reputational damage, and spread malware. Continuous monitoring, like Outpost24’s PTaaS, is crucial for real-time vulnerability identification and mitigation. Meeting … Read more

Top 10 API Security Threats for Q3 2023

November 14, 2023 at 08:09AM The Q3 ‘API Threatstats’ report reveals two main findings: API vulnerabilities are growing rapidly, necessitating a new compilation of the top ten API security threats. Wallarm’s report delves into different vulnerability categories with real-life examples, emphasizing their new approach to threat listing. They present the Top 10 API threats in … Read more