API Authorization Archives

Dell Hell Redux — More Personal Info Stolen by ‘Menelik’

Phish Ahoy! Hacker took advantage of Dell’s lack of anti-scraping defense ...

Security Boulevard

Caricature of Mark Zuckerberg, with superimposed text: “oops.”

Facebook/Insta FAIL — ‘Anonymous Sudan’ has a Super Tuesday: ‘We Did It.’

Shooper Choosday: Was yesterday’s Meta outage outrage caused by a Russian DDoS? ...

Security Boulevard

Digital License Plates: Stupid, Pointless, Insecure

Richi Jennings | January 10, 2023 | API Attack, API Authentication, API Authorization, API security, Automotive Cyber Security, Automotive Security, California, digital license plate, digitalization, DMV, GPS, iot, Privacy, Reviver, Rplate, SB Blogwatch

Reviver’s Rplate digital license plates are insecure: Their design appears to be riddled with privacy holes (not to mention the daft nature of the product itself) ...

Security Boulevard

Securing partner API integrations with OAuth mTLS

Renjith Babu | March 16, 2022 | API Authorization, API best practices, API risk mitigation, API security, application architecture, B2B API protection, General, jwt, OAuth mtls, Partner authorization, RFC8705, Zero Trust Architecture

Securing partner API integrations with OAuth mTLS API access using token-based architectures is already popular, and the authorization and governance of the minted tokens for access becomes very critical for APIs, which ...

Blog - Cloudentity

API Security Best Practices: Avoiding the Top 5 Authentication Errors

Subbu Iyer | July 8, 2021 | API Authentication, API Authorization, api risk, Case Studies, owasp

API authentication errors are listed as the top two threats outlined in the OWASP API Security Top 10, both of which can be traced back to many of the recent publicly disclosed ...

Cequence Security