
Log4Shell – The API Security Challenge

Last week’s Log4Shell vulnerability is a dramatic example of how modern applications, interconnected services and pervasive APIs can create substantial security challenges. As a security researcher who has spent years looking at API vulnerabilities, this is an excellent example of how things can go wrong. I recently was in a ...
Security Boulevard
Vulnerable Code

A Deep Dive On The Most Critical API Vulnerability — BOLA (Broken Object Level Authorization)

In this article, I dig into the details about Broken Object Level Authorization (BOLA) — the most common and most severe API vulnerability today according to the OWASP API Security Project. Insecure Direct Object Reference (IDOR) and BOLA are the same thing. The name was changed from IDOR to BOLA ...