API Authentication
Facebook/Insta FAIL — ‘Anonymous Sudan’ has a Super Tuesday: ‘We Did It.’
Richi Jennings | | Anonymous, Anonymous Hacking Collective, Anonymous Sudan, API Authentication, API Authentication Errors, API Authorization, Application DDoS, application-layer DDoS attacks, Cloud DDoS, cloud outage, ddos, DDoS attack, DDoS attacks, Downtime and outages, facebook, Facebook accounts, facebook breach, facebook instagram hack, facebook login, Facebook outage, Instagram, Instagram outage, instagram vulnerability, Internet outage, internet outages, InternetOutage, Meta, Meta Networks, outage, Outage Investigation, outages, SB Blogwatch, Storm-1359, Stupidity of Instagram, Threads
Shooper Choosday: Was yesterday’s Meta outage outrage caused by a Russian DDoS? ...
Security Boulevard
Digital License Plates: Stupid, Pointless, Insecure
Richi Jennings | | API Attack, API Authentication, API Authorization, API security, Automotive Cyber Security, Automotive Security, California, digital license plate, digitalization, DMV, GPS, iot, Privacy, Reviver, Rplate, SB Blogwatch
Reviver’s Rplate digital license plates are insecure: Their design appears to be riddled with privacy holes (not to mention the daft nature of the product itself) ...
Security Boulevard
Multi-Tenant SaaS Authentication Bypass or Works-as-Designed?
Four months ago, researchers at Cequence discovered an authentication vulnerability in the Lithium community forum platform (now part of Khoros), that warranted a responsible disclosure submission. The vulnerability impacts Khoros customers using ...
API Security Best Practices: Avoiding the Top 5 Authentication Errors
API authentication errors are listed as the top two threats outlined in the OWASP API Security Top 10, both of which can be traced back to many of the recent publicly disclosed ...