Security News

An unsecured API used in a product demo can be exploited by attackers to track phone locations without the consent of end users.

The apps are deemed malicious by doing things such as capturing pictures and audio when the app is closed, or making an unusually large amount of network calls.

The API, which has almost reached formal adoption, provides a vendor-neutral method for organizations to use password-less authentication.

WebAuthn and CTAP published this week A pair of authentication standards published this week have received endorsement from Mozilla, Microsoft and Google: the WebAuthn API, and the FIDO Alliance's...

A new Imperva survey showed a heightened concern for cybersecurity risk related to API use. Specifically, 63 percent of respondents are most worried about DDoS threats, bot attacks, and...

For programmers and software developers, the Internet forums provide a great place to exchange knowledge and seek answers to concrete coding conundrums. Alas, they are not always the source of...

When people think about complex security challenges, airport security might be the most familiar. The scope of challenges and implications of breaches are daunting. This is especially true when...

Instagram has confirmed that “one or more individuals obtained unlawful access to a number of high-profile Instagram users’ contact information — specifically email address and phone number — by...

An insecure Apple authorization API is used by numerous popular third-party application installers and can be abused by attackers ro run code as root.

Netflix has published tools and information to help defenders identify systems that could be leveraged by malicious actors for damaging application layer distributed denial-of-service (DDoS)...