API

Pierluigi Paganini February 02, 2023
API management (APIM): What It Is and Where It’s Going

Analyzing the concept of API management (APIM), its benefits, and what it will look like as the API landscape continues to evolve. There are two fundamental truths in the API landscape. So, where does this leave businesses that want to leverage the power of APIs? For starters, they need to invest in an API security […]

Pierluigi Paganini June 14, 2022
API Security Best Practices

Organizations face the constant need to protect these APIs from attacks so they can protect organizational data. Organizations are rapidly opening their ecosystem through Application Programming Interfaces (API) by ensuring seamless access to data and interaction with external software components and services. APIs are the gateway to providing the high security of data in an […]

Pierluigi Paganini September 25, 2020
Twitter warns developers of possible API keys leak

Twitter is warning developers that their API keys, access tokens, and access token secrets may have been exposed in a browser’s cache. Twitter is sending emails to developers to warn them that their API keys, access tokens, and access token secrets may have been exposed in a browser’s cache. According to the social media firm, […]

Pierluigi Paganini February 04, 2020
Hackers abused Twitter API to match usernames to phone numbers

Twitter discloses a security incident involving third-parties that exploited its official API to match phone numbers with Twitter usernames. On December 24, 2019 the company discovered that its API were exploited by a large network of fake accounts to match Twitter usernames to phone numbers. The company immediately suspended the involved accounts. “On December 24, 2019 we […]

Pierluigi Paganini January 01, 2020
Expert finds Starbucks API Key exposed online

Developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users. The development team at Starbucks left exposed an API key that could be used by an attacker to access company internal systems and manipulate the list of authorized users. […]

Pierluigi Paganini October 09, 2018
Project Strobe, what will change after the Google security breach?

Google announced a security breach that may have exposed data of over 500,000 users of its Google+ social network, these are the measures in response to the incident. Yesterday Google announced a security breach that may have exposed data of over 500,000 users of its Google+ social network. Security experts and privacy advocated criticized the […]

Pierluigi Paganini August 12, 2015
Facebook API flaw Left 1.44 Billion Users’ Identities at risk

A security flaw in the Facebook API allows hackers to decrypt and scan user IDs, nearly 1.44 billion Facebook users are at risk of identity theft. The security researcher Reza Moaiandin, Technical Director at Salt Agency, discovered a flaw in Facebook’s API that can allow hackers to scan for user ID, and that leaves about […]

Pierluigi Paganini April 01, 2015
A researcher discovered two security issues in the GITHUB platform

A security researcher discovered a couple of security issues on GitHub platform explaining how it is possible to exploit them in real attack scenarios. The researcher David Sopas (@dsopas) from Websegura discovered a couple of security issues in the coding website GitHub that were ranked by the company as minor, but that could expose users to cyber attacks. […]

Pierluigi Paganini March 25, 2015
Instagram API could be exploited to serve malicious links

A security researcher has discovered a reflected filename download vulnerability affecting the Instagram API that could be exploited to share malicious links. The security researcher David Sopas from WebSegura has discovered a serious vulnerability in the Instagram API that could be exploited by hackers to post a link to a web resource they manage. By exploiting […]