API

  • Blog

    Security researchers set up an API honeypot to dupe hackers – and the results were startling

    Attackers are quick off the mark in targeting and accessing APIs to enter company networks and steal data, according to the results of an API ‘honeypot’. API security firm Wallarm set up their trap last month, and has now reported on its first 20 days of activity. “We expected that it might take longer to have compelling data to report,…

    Read More »
  • Blog

    API attacks are spiraling out of control

    More than eight-in-ten UK organizations experienced an API attack last year, according to new research, and it’s costing them a fortune to remediate. Analysis from Akamai found that the number of API-related attacks soared from 69% in 2023 to 83% this year – and the situation’s worse when it comes to the UK’s critical infrastructure. The study noted that 94.1%…

    Read More »
  • Blog

    DocuSign’s Envelopes API abused to send realistic fake invoices

    Threat actors are abusing DocuSign’s Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal. Using a legitimate service, the attackers bypass email security protections as they come from an actual DocuSign domain, docusign.net. The goal is to have their targets e-sign the documents, which they can then use to authorize payments…

    Read More »
  • Blog

    Exploitation of Docker remote API servers has reached a “critical level”

    Hackers are exploiting unprotected Docker remote API servers to deploy malware, with researchers stating the threat has reached a “critical level” and warning organizations to act now. A report from Trend Micro published on 21 October details how researchers observed an unknown threat actor abusing exposed docker remote API servers to deploy the ‘perfctl’ malware. The attack sequence begins with…

    Read More »
  • Blog

    API and bot attacks are costing businesses billions – and they’re on the rise

    Insecure Application Programming Interfaces (APIs) and bot attacks are costing organizations billions, with large companies particularly at risk. In a new analysis of more than 161,000 unique cybersecurity incidents, the security firm Imperva found that API-related security incidents rose by 40% across 2022 and by a further 9% in 2023. Bot-related security incidents rose by 88% across the same period.…

    Read More »
  • Blog

    The top API risks of 2024 and how to mitigate them

    Application programming interfaces (API) have become an inextricable pillar of the digital world – but come with inherent risks that must be addressed. APIs have long been the easiest way for applications to interact with one another, especially as platforms have become fragmented across a diverse range of services and vendors. They help developers request services from an operating system…

    Read More »
Back to top button
close