API Security - Security Boulevard https://securityboulevard.com/category/editorial-calendar/api-security/ The Home of the Security Bloggers Network Tue, 17 Oct 2023 14:08:24 +0000 en-US hourly 1 https://wordpress.org/?v=6.3.2 https://securityboulevard.com/wp-content/uploads/2021/10/android-chrome-256x256-1-32x32.png API Security - Security Boulevard https://securityboulevard.com/category/editorial-calendar/api-security/ 32 32 133346385 Cisco Zero-Day: As Bad as it Gets — and No Fix 4 Weeks in https://securityboulevard.com/2023/10/cisco-0day-cve-2023-20198-richixbw/ Tue, 17 Oct 2023 14:06:25 +0000 https://securityboulevard.com/?p=1992600 The Golden Gate Bridge, under an blood-red sky

Keeping us in suspense—It doesn’t get worse than this: CVE-2023-20198 is CVSS=10.

The post Cisco Zero-Day: As Bad as it Gets — and No Fix 4 Weeks in appeared first on Security Boulevard.

]]> 1992600 Google Pushes ‘Passkeys’ Plan — but it’s Too Soon for Mass Rollout https://securityboulevard.com/2023/10/google-forcing-passkeys-richixbw/ Tue, 10 Oct 2023 16:52:42 +0000 https://securityboulevard.com/?p=1991953 A small bunch of keys on a stark, white background

FIDO FAIL: “Killing passwords” is a worthy goal—but is coercion the best way?

The post Google Pushes ‘Passkeys’ Plan — but it’s Too Soon for Mass Rollout appeared first on Security Boulevard.

]]> 1991953 iPhone/iPad Warning: Update Now to Avoid Zero-Day Pain https://securityboulevard.com/2023/10/ios-7-0-3-update-richixbw/ Fri, 06 Oct 2023 15:26:53 +0000 https://securityboulevard.com/?p=1991731 Three iPhone 15s sit on a wicker table, with the words “PATCH NOW!” macro’ed on top

Apple’s embarrassing regression: iOS 17.0.3 fixes yet more nasty zero-days (and the overheating bug).

The post iPhone/iPad Warning: Update Now to Avoid Zero-Day Pain appeared first on Security Boulevard.

]]> 1991731 Broken ARM: Mali Malware Pwns Phones https://securityboulevard.com/2023/10/arm-mali-gpu-richixbw/ Tue, 03 Oct 2023 15:51:43 +0000 https://securityboulevard.com/?p=1991291 A tailor’s dummy hand is separated from its arm

Exploited in the wild: Yet more use-after-free vulns in Arm’s Mali GPU driver.

The post Broken ARM: Mali Malware Pwns Phones appeared first on Security Boulevard.

]]> 1991291 China-Backed Hacks of Cisco Routers Worry Feds — BlackTech Revenge? https://securityboulevard.com/2023/09/china-blacktech-cisco-richixbw/ Thu, 28 Sep 2023 16:03:01 +0000 https://securityboulevard.com/?p=1990760 a PRC flag flies in a stiff breeze

TTP: IOS EEM CLI BBQ LOL—FBI, NSA, CISA join Japan’s NISC to warn of espionage group linked to Chinese Communist Party.

The post China-Backed Hacks of Cisco Routers Worry Feds — BlackTech Revenge? appeared first on Security Boulevard.

]]> 1990760 More iOS Zero-Days, More Mercenary Spyware — This Time: Cytrox Predator https://securityboulevard.com/2023/09/ios-zero-cytrox-predator-richixbw/ Mon, 25 Sep 2023 17:01:38 +0000 https://securityboulevard.com/?p=1990217 Ahmed El-Tantawy

Apple Scrambled to Fix 3 More CVEs: Egyptian opposition presidential candidate Ahmed Eltantawy targeted “by the government.

The post More iOS Zero-Days, More Mercenary Spyware — This Time: Cytrox Predator appeared first on Security Boulevard.

]]> 1990217 Patch EVERYTHING: Widely Used ‘WebP’ Code has Critical Bug https://securityboulevard.com/2023/09/patch-everything-widely-used-webp-code-has-critical-bug/ Wed, 13 Sep 2023 17:10:18 +0000 https://securityboulevard.com/?p=1989037 The Google WebP logo

WebP FAIL. Critical vuln in libwebp: Go get updates to Chrome, Firefox, Edge, Slack and more.

The post Patch EVERYTHING: Widely Used ‘WebP’ Code has Critical Bug appeared first on Security Boulevard.

]]> 1989037 API Security’s Role in Protecting Retail Cloud Apps https://securityboulevard.com/2023/09/api-securitys-role-in-protecting-retail-cloud-apps/ Tue, 12 Sep 2023 13:00:43 +0000 https://securityboulevard.com/?p=1987624 API security, API, cloud, audits, testing, API security vulnerabilities testing BRc4 Akamai security pentesting ThreatX red team pentesting API APIs Penetration Testing

Protection from API security threats is crucial, especially for retail companies that hold sensitive customer and financial data.

The post API Security’s Role in Protecting Retail Cloud Apps appeared first on Security Boulevard.

]]> 1987624 ‘BLASTPASS’ iPhone Exploit — Apple Asleep at the Switch https://securityboulevard.com/2023/09/blastpass-apple-fail-richixbw/ Mon, 11 Sep 2023 16:58:41 +0000 https://securityboulevard.com/?p=1988758 A man has fallen asleep on top of his books and papers

Zero click, zero day, zero clue: Yet another iOS zero-day lets NSO’s Pegasus “mercenary spyware” cause chaos.

The post ‘BLASTPASS’ iPhone Exploit — Apple Asleep at the Switch appeared first on Security Boulevard.

]]> 1988758 Google Kills 3rd-Party Cookies — but Monopolizes AdTech https://securityboulevard.com/2023/09/google-privacy-sandbox-richixbw/ Fri, 08 Sep 2023 17:39:16 +0000 https://securityboulevard.com/?p=1988593 Google Android malware

Firefox looking good right now: “Privacy Sandbox” criticized as a proprietary, hypocritical, anti-competitive, self-serving contradiction.

The post Google Kills 3rd-Party Cookies — but Monopolizes AdTech appeared first on Security Boulevard.

]]> 1988593