Tales from the Front Lines: Attackers Target APIs with GET-Based ATOs
This blog will describe how account takeovers (ATO) can be executed against APIs using GET methods, as opposed to POST. It’s an excellent example of how bad actors will analyze an application to uncover potential attack vectors. A Brief Primer on GET and POST The GET method allows you to ... Read More