Security News

Domain Brand Monitor: The First Brand Protection Layer by WhoisXML API
2021-09-23 13:00

An alarming 32% of sample domains containing the names of the 10 most-impersonated brands have been found malicious by WhoisXML API researchers. Domain Brand Monitor detected 182 ways by which "Amazon" can be misspelled.

Payment API Bungling Exposes Millions of Users’ Payment Data
2021-09-20 19:02

App developers have once again been accused of having butterfingers when it comes to API keys, leaving millions of mobile app users at risk of exposing their personal and payment data. "But like so much of cybersecurity, it's a could-a, should-a situation:"CloudSEK has observed that a wide range of companies - both large and small - that cater to millions of users have mobile apps with API keys that are hardcoded in the app packages," according to CloudSEK researchers Arshit Jain and Sai Ahladini Tripathy.

Bring Your APIs Out of the Shadows to Protect Your Business
2021-09-20 13:00

Shadow APIs can also be present when applications are not properly decommissioned, leaving APIs accessible and vulnerable to attack. Because you can't protect what you can't see, it is imperative that you discover, catalog, and bring your shadow APIs under governance before they are discovered by bad actors and exploited.

7 Ways to Defend Mobile Apps, APIs from Cyberattacks
2021-09-02 12:51

Hackers can easily access devices through mobile apps. Mobile app security threats have arisen over the years.

Top 3 API Vulnerabilities: Why Apps are Pwned by Cyberattackers
2021-08-31 13:29

Whether the app is on your mobile device, entertainment system or garage door, APIs are what developers use to make applications function. Some background on what makes APIs such a security concern.

New Passwordless Verification API Uses SIM Security for Zero Trust Remote Access
2021-08-26 02:47

As companies nudge their staff to return to communal workspaces, many workers don't actually want to - more than 50 percent of employees would rather quit, according to research by EY. While HR teams worry over the hearts and minds of staff, IT security professionals have a different battle plan to draft - how to make the new normal of the hybrid workplace secure. In a hybrid workplace, a Zero Trust strategy means ever-tightening security.

New Passwordless Verification API Uses SIM Security for Zero Trust Remote Access
2021-08-26 02:47

As companies nudge their staff to return to communal workspaces, many workers don't actually want to - more than 50 percent of employees would rather quit, according to research by EY. While HR teams worry over the hearts and minds of staff, IT security professionals have a different battle plan to draft - how to make the new normal of the hybrid workplace secure. In a hybrid workplace, a Zero Trust strategy means ever-tightening security.

Postman Public API Network now serves 17M users and 500k organizations
2021-08-09 23:00

Postman announced its Public API Network is now the largest API hub in the world, serving 17 million users and 500,000 organizations worldwide. The Postman Public API Network is a global directory of thousands of public APIs, connecting developers around the globe and providing a central catalog of APIs built for discovery, exploration, and sharing.

ThreatX API Catalog enables enterprises to reduce risk and protect critical APIs
2021-08-06 02:00

ThreatX announced new API Catalog capabilities to provide enterprises with a clear view of their API's attack surface, as well as the operational health of APIs in production. ThreatX supports DevOps and Security teams by assessing traffic in real-time to reduce risk and protect critical APIs from misconfiguration, DDoS, BOT attacks and malicious use.

Week in review: Verifiable credentials, API security, how to develop a skilled cybersecurity team
2021-08-01 08:00

How to develop a skilled cybersecurity teamWhat skills should aspiring information security workers possess and work on? What certifications can come in handy more than others? What strategies should organizations employ to develop a well-staffed cybersecurity team? Where should they look for talent? What advice do those already working in the field have for those who want to enter it? How can secure KVM technology help eliminate security risks?John Minasyan leads Belkin's cybersecurity business unit focused on solutions to mitigate advanced threats at an operator's desk.