Hot Topics

API Abuse

API Abuse Prevention Demo May 2023

Introducing Integrated API Abuse Prevention to Combat Bad Bots

| | API Abuse, API security
In recent years there’s been a rise in “API Abuse” attacks, which includes detrimental automated behaviors such as malicious bots, account takeover (ATO), credential stuffing, application layer (L7) DDoS, data scraping, and ...
Wallarm
ChatGPT Injection: a new type of API Abuse attack may steal your OpenAI API credits

ChatGPT Injection: a new type of API Abuse attack may steal your OpenAI API credits

| | API Abuse, API security, ChatGPT, chatgpt injection, Hacking, Researcher Corner
ChatGPT is spreading like wildfire all over the internet, being used in everything from casual tools to cybersecurity and even industrial applications. It’s so popular, I wouldn’t be shocked if it starts ...
Wallarm
What You Need to Know About Broken Object Level Authorization (BOLA)

What You Need to Know About Broken Object Level Authorization (BOLA)

| | API Abuse, API security, API Security - Analysis, News and Insights, BOLA, Mobile Security
Photo by Claudel Rheault on Unsplash Broken Object Level Authorization (BOLA) is the #1 vulnerability in the OWASP API Security Project’s API Security Top Ten in 2019. Using BOLA, an attacker exploits ...
Approov Blog
Mobile App Security: Uncovering the Risks of Secret Theft at Runtime

Mobile App Security: Uncovering the Risks of Secret Theft at Runtime

| | API Abuse, API Security - Analysis, News and Insights, Fintech, MitM Attack
This is our second blog highlighting the results of the Approov Threat Lab Report ...
Approov Blog
T-Mobile’s SIXTH Breach in 5 years: 37M Users’ PII Leaks

T-Mobile’s SIXTH Breach in 5 years: 37M Users’ PII Leaks

| | 2023 T-Mobile Breach, 5G, api, API Abuse, pii, Privacy, SB Blogwatch, T-Mobile, t-mobile breach, t-mobile data breach, T-Mobile hack
The Un-carrier is In-secure, it seems. Un-believable. In-credibly in-competent. CEO Mike Sievert (pictured) might become un-CEO ...
Security Boulevard
How to Prevent API Abuse on Mobile Apps

How to Prevent API Abuse on Mobile Apps

| | api, API Abuse, API security, API Security - Analysis, News and Insights, Bots, Mobile App Authentication, Mobile Security, Repackaged Apps, Reverse Engineering
API abuse is a growing concern in today's digital landscape, with criminals finding new and innovative ways to exploit APIs for their own gain. According to a recent study by Salt Security, ...
Approov Blog
Is Certificate Pinning Worth it?

Is Certificate Pinning Worth it?

| | API Abuse, API security, API Security - Analysis, News and Insights, certificate pinning, MitM Attack, mobile app development, Mobile Security
In a word - yes; when implemented correctly, certificate pinning is an effective method for securing mobile application traffic by restricting the accepted certificates to just those you are willing to trust ...
Approov Blog
Securing Electric Vehicle Charging Platforms

Securing Electric Vehicle Charging Platforms

| | API Abuse, API Security - Analysis, News and Insights, Bots, Business, Mobile Security, Mobility
Spikes in the prices of fossil fuels have provided yet another incentive for consumers to move towards electric vehicles (EVs). Alongside that trend is the pressing requirement to have a charging infrastructure ...
Approov Blog
How Can Bots Be Prevented?

How Can Bots Be Prevented?

| | API Abuse, API Security - Analysis, News and Insights, Bots, mobile app development
This blog explains bot attacks in detail, how to distinguish good from bad bots, and explains how to let good bots do their useful work while preventing bad bots from doing any ...
Approov Blog
What is Bot Protection?

What is Bot Protection?

| | API Abuse, API Security - Analysis, News and Insights, Bots, Mobile App Authentication, Mobile Security, Reverse Engineering
If you're a mobile app developer, chances are you've heard of bot protection. Bots are programs that run automated tasks over the internet. Although criminals can use them for malicious purposes, such ...
Approov Blog
Load more