News

Morningstar

Intruder Introduces Autoswagger: The Free Tool To Expose Hidden API Authorization Flaws

Attack Surface Management Leader Enables Organizations to Check APIs for Common and Easily Exploitable API Vulnerabilities Intruder, a leader in attack surface management, has launched Autoswagger—a ...
SiliconANGLE

Intruder releases free tool to detect broken API authorization

Attack surface management company Intruder Solutions Ltd. today announced the launch of AutoSwagger, a free, open-source tool that scans OpenAPI-documented application programming interfaces for ...
InfoWorld

How to secure ASP.Net Web APIs using authorization filters

Security is a major concern in web-based enterprise applications. When you need to transmit data over the wire, you should be aware of the various tools you can use to secure that data. ASP.Net Web ...
CSOonline

Why API attacks are increasing and how to avoid them

Australian energy company Jemena has been using APIs, in some form, for about a decade. Its use of APIs — application programming interfaces — has jumped recently and is expected to increase fivefold ...
Threat Post

Deprecated, Insecure Apple Authorization API Can Be Abused to Run Code at Root

An insecure Apple authorization API is used by numerous popular third-party application installers and can be abused by attackers to run code as root. A deprecated Apple authorization API, invoked by ...
ZDNet

GraphQL API authorization flaw found in major B2B financial platform

Cybersecurity firm Salt Labs discovered a GraphQL API authorization vulnerability in a large B2B financial technology platform. It would give attackers the ability to submit unauthorized transactions ...