Security News

F5 Networks introduced NGINX Controller 3.0, a cloud-native application delivery solution to help organizations increase business agility, mitigate risk, and enhance their customers' digital experiences. NGINX Controller combines a broad set of app services, including load balancing, API management, analytics, and service mesh with an application-centric approach.

Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoingWith several exploits targeting CVE-2019-19781 having been released over the weekend and the number of vulnerable endpoints still being over 25,000, attackers are having a field day. January 2020 Patch Tuesday: Microsoft nukes Windows crypto flaw flagged by the NSAAs forecasted, January 2020 Patch Tuesday releases by Microsoft and Adobe are pretty light: the "Star of the show" is CVE-2020-0601, a Windows flaw flagged by the NSA that could allow attackers to successfully spoof code-signing certificates and use them to sign malicious code or intercept and modify encrypted communications.

API abuse is an ongoing problem and is expected to escalate in the coming years, as the number of API implementations continues to grow. The OWASP API Security Project aims to provide software developers and code auditors with information about the risks brought on by insecure APIs.

How can organizations reap the rewards of APIs while ensuring consumer data is secure? 2019 was the worst year ever for data breaches and, what's more, today's consumers are increasingly savvy about their data.

Security analysts say multifactor authentication is an absolute must for any company running multiple interfaces.

The long-standing Waterbear campaign has returned with new evasion capabilities, employing API hooking techniques to hide its network behavior from security products, Trend Micro reports. read more

In a move to address today’s major problem behind privacy – making encryption usable – StrongSalt announced the first Open Privacy API for searching and sharing encrypted data in cloud services...

Polte Corporation, a leading innovator of Cloud Location over Cellular (C-LoC) technology, announced the Polte Location API is now available in the Amazon Web Services (AWS) Marketplace. Polte...

CloudVector, the first API Threat Protection platform to go beyond the gateway, announced the launch of its namesake solution, which discovers, monitors and secures APIs to prevent data breaches....

Reveille, a provider of active insight solutions for ECM and EIM content, announced the company will showcase their new integration with Microsoft Defender Advanced Threat Protection (ATP)....