Another API Security Breach: Life360 Data Breach
It’s not always LogicalAnother day, another API breach in the news. The latest breach occurred on the Life360 platform where an advisory was able to gleam 400k user phone numbers, based on the article written on Bleepingcomputer.com.Known only by their 'emo' handle, they said the unsecured API endpoint used to ... Read More
The Dell API Breach: It could have been prevented
As you may have seen in the news, a hacker stole 49 million customer records from Dell. The attack wasn’t novel or sophisticated. Instead, the attacker used a business logic flaw and an API to scrape 49 million records from Dell. How did they do it? Here is the attack ... Read More
What is PCI DSS 4.0 and why is API security such a critical component?
Earlier this year, the PCI Security Standards Council issued a new version of the PCI Data Security Standard ( PCI DSS). The PCI DSS is the compliance measuring stick to which entities that transmit, store, handle, or accept credit card data — regardless of processing volume or size — must ... Read More
