Security News

Content delivery platform provider Akamai announced Wednesday platform security enhancements intended to increase cybersecurity protections for web applications, APIs and user accounts. Akamai said its machine learning algorithms leverage insights from a dataset of over 1.3 billion daily client interactions to automate threat detections, time-consuming tasks and security logic to help cybersecurity analysts make better decisions faster.

SmartBear has released a new plug-in for SwaggerHub API design to support IntelliJ IDEA, the popular Java-based integrated developer environment. API developers familiar with IntelliJ IDEA now have ready access to the OpenAPI compliant SwaggerHub API design platform to create, organize, and document APIs.

Approov introduced release 2.7 of the Approov API Shielding platform which lets companies of all sizes adopt leading-edge, affordable API cybersecurity protections for mobile-based applications. Approov aligns mobile app API security investments with the company's business growth and budget.

Qrypt announced a web portal that provides access to a quantum cryptography API. This will allow most businesses to integrate the highest level of security into their applications, according to the company. The company's Cloud Entropy Portal provides quantum-safe random numbers for any application, especially cryptographic key generation.

Security experts recommend setting basic security standards for all your data feeds, enlisting help from procurement and doing an API inventory. Hundreds of third-party apps in Android devices were given access to sensitive data logged by contact-tracing apps built on Google and Apple's API, according to reports from security researchers in April.

To help organizations protect against ransomware attacks and recover from them if they happen, NIST has published an infographic offering a series of simple tips and tactics. Collaboration between network access brokers and ransomware actors deepensIn this Help Net Security podcast, Brandon Hoffman, CISO at Intel 471, discusses about the increased collaboration between network access brokers and ransomware operators, and how they funcion it today's threat landscape.

API security firm 42Crunch has raised $17 million in a Series A funding round led by Energy Impact Partners and joined by Adara Ventures. In 2019, Gartner stated, "By 2022, API abuses will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications." Its proposed solution was, "Use a Combination of API Management and Web Application Firewalls to Protect APIs, in Conjunction with Identity Infrastructure."

Vanson Bourne surveyed 750 application security decision makers responsible for their organization's application development and security to get their perspectives on data breaches, top application security vulnerabilities, and the most important product capabilities needed to defend against multi-vector application attacks. Overall, the findings indicate that more needs to be done to protect against application security threats, particularly newer threats like bot attacks, API attacks, and supply chain attacks.

The MountLocker ransomware operation now uses enterprise Windows Active Directory APIs to worm through networks. In March 2021, a new group ransomware group emerged called 'Astro Locker' that began using a customized version of the MountLocker ransomware with ransom notes pointing to their own payment and data leak sites.

Amazon Web Services announced AWS App Runner, a fully managed container application service that makes it easier and faster for customers to build, deploy, and run containerized web applications and APIs with just a few clicks. Customers simply provide their source code, container image, or deployment pipeline and AWS App Runner builds and deploys the web application or API, load balances network traffic, scales capacity up or down based on demand, monitors application health, and encrypts traffic by default.