Tag Archive for: APIs

2024 cybersecurity shifts to be driven by AI & APIs


In an era where technology permeates every aspect of life, Karl Mattson, Field CISO at Noname Security, places the spotlight on the trending topics he predicts will shape the cybersecurity landscape in 2024. Mattson’s projections span geopolitical conflict, artificial intelligence (AI), the AI industry, and API regulation, drawing on a year characterised by “seismic” change in cybersecurity, accelerated by AI adoption and geopolitical complexities.

A significant development is the convergence of physical and digital battlefields, with cyber warfare now a prominent part of national strategy in large-scale conflicts. Mattson foresees a surge in cyber risk, and more sophisticated countermeasures in response, as cyberattacks on critical infrastructure are used more widely to impede a nation’s operations on the ground. This escalation reinforces the urgency of stronger security measures and broad international cooperation so that these risks are mitigated effectively.

Artificial Intelligence (AI) is set to immensely disrupt the cybersecurity sphere, as demonstrated by the pioneering ChatGPT’s launch, which extended AI’s appeal and functionality from niche markets to the public sphere. However, as AI tools become increasingly accessible, they equip malevolent actors with enhanced capabilities to supplement their cyberattacks. Mattson predicts, “AI will likely enable an increase in the sophistication and scalability of attacks,” underscoring the dual nature of this technology.

Mattson also anticipates that AI development and the industry around it could have their most turbulent year in 2024, driven mainly by a widening divide between the public and private sectors. Governments are increasingly regulating and scrutinising AI because of its growing potential, producing new policies and safety summits. The result is a gap between regulated and unregulated entities, and companies will need to set their own AI policies accordingly.

Regulation in 2024 will also shape the world of…

Source…

DeleFriend Vulnerability Could Allow Unwanted Access to APIs, According to Researchers


Hunters researchers noted the vulnerability could lead to privilege escalation. Google said the report “does not identify an underlying security issue in our products.”

Cybersecurity researchers from the firm Hunters discovered a vulnerability in Google Workspace that could allow unwanted access to Workspace APIs. The flaw is significant because it could let attackers escalate privileges to obtain access that would otherwise be reserved for users with Super Admin rights. Hunters named this security flaw DeleFriend.

Vulnerability uncovered in Google’s domain-wide delegation

According to the Hunters team, the vulnerability stems from Google Workspace’s role in managing user identities across Google Cloud services. Domain-wide delegation (DWD) connects an identity object, either a Google Workspace Marketplace application or a Google Cloud Platform service account, to Workspace so that it can act on behalf of Workspace users.

Domain-wide delegation can be used by attackers in two main ways: to create a new delegation after gaining Super Admin privileges on the target Workspace environment through another attack, or to “enumerate successful combinations of service account keys and OAuth scopes,” Hunters said. The second is the novel method the researchers discovered. Yonatan Khanashvilli, threat hunting expert at Team Axon at Hunters, posted a much more detailed explanation of DeleFriend.
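The second technique, finding out which OAuth scopes a service-account key can already exercise under DWD, rests on Google’s documented service-account (JWT-bearer) grant: the key signs a JWT whose `sub` claim names a Workspace user and whose `scope` claim lists the scopes wanted, and the token endpoint either issues an access token or refuses with `unauthorized_client`. The following is an added Go example, not Hunters’ tooling and not code from the article; the service-account key, the user, the scopes and the stand-in token endpoint are all constructed so it runs offline. Against the real endpoint you would load `client_email` and `private_key` from the JSON key file and pass `https://oauth2.googleapis.com/token` as `tokenURL`.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
	"time"
)

const jwtBearerGrant = "urn:ietf:params:oauth:grant-type:jwt-bearer"

// saKey holds the client_email and private_key fields of a downloaded service-account JSON key.
type saKey struct{ clientEmail string; priv *rsa.PrivateKey }

// buildAssertion signs the JWT for Google's service-account (JWT-bearer) grant. "sub" is the Workspace user
// to act as; the endpoint honours it only if the key's OAuth client ID has been delegated every scope in "scope".
func buildAssertion(k saKey, sub, scope, tokenURL string, now time.Time) (string, error) {
	hdr, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT"})
	claims, _ := json.Marshal(map[string]interface{}{
		"iss": k.clientEmail, "sub": sub, "scope": scope, "aud": tokenURL,
		"iat": now.Unix(), "exp": now.Add(time.Hour).Unix(),
	})
	input := base64.RawURLEncoding.EncodeToString(hdr) + "." + base64.RawURLEncoding.EncodeToString(claims)
	sum := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, k.priv, crypto.SHA256, sum[:])
	if err != nil {
		return "", err
	}
	return input + "." + base64.RawURLEncoding.EncodeToString(sig), nil
}

// enumerateDelegatedScopes submits one exchange per entry and maps it to "granted" or the OAuth error
// code returned. Entries are probed singly because one undelegated scope fails a combined request outright.
func enumerateDelegatedScopes(c *http.Client, tokenURL string, k saKey, sub string, scopes []string) (map[string]string, error) {
	out := map[string]string{}
	for _, s := range scopes {
		a, err := buildAssertion(k, sub, s, tokenURL, time.Now())
		if err != nil {
			return nil, err
		}
		resp, err := c.PostForm(tokenURL, url.Values{"grant_type": {jwtBearerGrant}, "assertion": {a}})
		if err != nil {
			return nil, err
		}
		var body map[string]interface{}
		err = json.NewDecoder(resp.Body).Decode(&body)
		resp.Body.Close()
		if err != nil {
			return nil, err
		}
		if _, ok := body["access_token"]; ok {
			out[s] = "granted"
		} else {
			out[s], _ = body["error"].(string)
		}
	}
	return out, nil
}

// fakeTokenEndpoint stands in for https://oauth2.googleapis.com/token so the example runs offline. It mirrors
// only the observable contract (all requested scopes delegated -> access token, else "unauthorized_client")
// and, unlike the real endpoint, does not verify the JWT signature.
func fakeTokenEndpoint(delegated map[string]bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		parts := strings.Split(r.FormValue("assertion"), ".")
		if r.FormValue("grant_type") != jwtBearerGrant || len(parts) != 3 {
			http.Error(w, `{"error":"invalid_grant"}`, http.StatusBadRequest)
			return
		}
		payload, _ := base64.RawURLEncoding.DecodeString(parts[1])
		var claims struct{ Scope string `json:"scope"` }
		_ = json.Unmarshal(payload, &claims)
		requested := strings.Fields(claims.Scope)
		ok := len(requested) > 0
		for _, s := range requested {
			ok = ok && delegated[s]
		}
		if !ok {
			http.Error(w, `{"error":"unauthorized_client"}`, http.StatusUnauthorized)
			return
		}
		fmt.Fprint(w, `{"access_token":"ya29.constructed-example","token_type":"Bearer","expires_in":3599}`)
	})
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048) // constructed key; a real run parses the JSON key's private_key
	key := saKey{clientEmail: "audit-sa@example-project.iam.gserviceaccount.com", priv: priv}
	srv := httptest.NewServer(fakeTokenEndpoint(map[string]bool{"https://www.googleapis.com/auth/admin.directory.user.readonly": true}))
	defer srv.Close()
	fmt.Println(enumerateDelegatedScopes(srv.Client(), srv.URL, key, "admin@example.com", []string{"https://www.googleapis.com/auth/admin.directory.user.readonly", "https://www.googleapis.com/auth/gmail.readonly"}))
}
```

The same loop, pointed at Google’s real endpoint and run over every service-account key an organisation has issued, is the defensive audit that tells you which keys already carry delegated access and for which scopes; run it only against keys you are authorised to test. Scopes are probed one per exchange because the endpoint refuses a request as a whole when any requested scope is not delegated, which would otherwise hide the scopes that are.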

Response from Google

Hunters disclosed this flaw to Google in August 2023 and wrote, “Google is currently reviewing the issue with their Product team to assess potential actions based on our recommendations.”

An anonymous Google representative told The Hacker News in November 2023, “This report does not identify an underlying security issue in our products. As a best practice, we encourage users to make sure all accounts have the least amount of privilege possible (see guidance here). Doing so is key to combating these types of attacks.”

Why this Google Workspace vulnerability is particularly dangerous

Hunters said this vulnerability is particularly dangerous because it is long-term (GCP Service account keys do not have expiry dates by default), easy to hide and hard to…

Source…

The growth of APIs attracts Cybercrime: How to prepare against cyber attacks


Application Programming Interfaces (APIs) have profoundly transformed the internet’s fabric. In the pre-API era, digital interactions were limited by siloed systems functioning in isolation. APIs dismantled these barriers by introducing a universal language that diverse applications could comprehend. This linguistic bridge facilitated an unprecedented level of interconnectivity between software entities.

APIs are the conduits through which software components communicate, interact and share functionality, creating an environment in which applications, platforms and services collaborate seamlessly and extend one another’s capabilities. The internet, once a collection of discrete systems, has become an intricate web of interwoven functionality that users traverse effortlessly.

Moreover, APIs have been instrumental in democratizing technological innovation. By allowing developers to harness existing functionalities, APIs accelerate the creation of novel solutions, propelling the evolution of applications across domains like e-commerce, mobile apps, cloud computing, and beyond.

The concept of modularity has been reshaped by APIs, giving rise to microservices architecture. This approach, underpinned by APIs, enables applications to be composed of smaller, specialized services that communicate harmoniously. Consequently, scalability, maintenance, and flexibility are greatly enhanced.

In essence, APIs have created a landscape where digital interactions are fluid, innovation is rapid, and the internet’s potential is boundless. The transformation they have ushered in has redefined how we envision, construct, and experience the digital realm.

As API adoption increases, so too have the attacks launched upon them. Unique attackers have grown by 400% within a six-month period. And API attacks can be highly damaging; an attack on the Australian telecoms giant Optus exposed the information of more than a third of Australia’s total population. This article will explore the evolving landscape of API-based cyber threats and outline practical strategies to bolster your defenses.

API-Related Cyber Threats

  • Injection Attacks: Like traditional software applications, APIs are…

Source…

APIs are placing your enterprise at risk


At a surface level, APIs help businesses to connect applications and share data with one another. This creates an easier, more seamless experience for customers and users. If you have ever used your Google account to log into multiple sites or apps, chances are you are using a Google-developed API to do so. APIs like this work in the background to power much of the streamlined user experience that is taken for granted. Therefore we need to ensure stronger API security across mobile apps, or all of their benefits will be for naught.

Stolen API keys are the culprit behind some of the largest cyberattacks to date. We see the headlines and we read the news stories, but we often fail to realize the broad consequences – particularly the notable impacts on enterprise mobile security. Consider the news earlier this year of 3,000+ mobile applications leaking Twitter’s API keys, meaning bad actors could compromise thousands of individual accounts and conduct a slew of nefarious activities.

Imagine the roles reversed: hundreds or even thousands of mobile applications leaking the API keys to your corporate Gmail, Slack or OneDrive accounts. In that or any similar scenario, employee devices and sensitive company data would be at extreme risk.
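A practitioner’s first check after a story like the Twitter key leak is whether their own app binaries contain the same kind of material. The following is an added Go example, not code from the article or from the survey it cites: it scans text pulled out of an unpacked or decompiled app for credentials with a documented fixed prefix (Google API keys, AWS access key IDs, Slack tokens) and for assignments to credential-looking names whose values have high Shannon entropy. The sample input is constructed; the `AKIA…` value is the AWS documentation’s example access key ID and the other values are made up.

```go
package main

import (
	"bufio"
	"fmt"
	"math"
	"regexp"
	"strings"
)

// finding is one suspected hard-coded credential: the line it sits on, the detector that fired and the value.
type finding struct {
	line  int
	kind  string
	value string
}

// prefixed holds credential formats with a fixed, publicly documented prefix.
var prefixed = []struct {
	kind string
	re   *regexp.Regexp
}{
	{"google_api_key", regexp.MustCompile(`AIza[0-9A-Za-z_-]{35}`)},
	{"aws_access_key_id", regexp.MustCompile(`AKIA[0-9A-Z]{16}`)},
	{"slack_token", regexp.MustCompile(`xox[abpr]-[0-9A-Za-z-]{10,}`)},
}

// generic catches assignments whose name suggests a credential (consumer key, API secret, ...); the value
// is then filtered by Shannon entropy so words and placeholders such as "replace_me" drop out.
var generic = regexp.MustCompile(`(?i)(consumer|api|client|access|secret)[_ ]?(key|secret|token)\s*[:=]\s*["']([A-Za-z0-9_-]{16,})["']`)

// shannonEntropy returns bits per character: a random 24-character key scores about 4.5, prose about 3.
func shannonEntropy(s string) float64 {
	counts := map[rune]int{}
	for _, r := range s {
		counts[r]++
	}
	total := float64(len([]rune(s)))
	var h float64
	for _, c := range counts {
		p := float64(c) / total
		h -= p * math.Log2(p)
	}
	return h
}

// scanForSecrets runs both detectors over every line and returns findings in line order.
func scanForSecrets(text string, minEntropy float64) []finding {
	var out []finding
	sc := bufio.NewScanner(strings.NewReader(text))
	for n := 1; sc.Scan(); n++ {
		line := sc.Text()
		for _, p := range prefixed {
			for _, m := range p.re.FindAllString(line, -1) {
				out = append(out, finding{n, p.kind, m})
			}
		}
		for _, m := range generic.FindAllStringSubmatch(line, -1) {
			if shannonEntropy(m[3]) >= minEntropy {
				out = append(out, finding{n, "generic_" + strings.ToLower(m[1]+"_"+m[2]), m[3]})
			}
		}
	}
	return out
}

// sampleDecompiledSource is constructed to look like a decompiled Android config class. The AKIA value is
// the AWS documentation's example access key id; the other values are made up for this example.
const sampleDecompiledSource = `package com.example.app;
public class Config {
  static final String CONSUMER_KEY = "Qk9tM3xZ8vL2pR7sW1dH4eJ6";
  static final String CONSUMER_SECRET = "replace_me_replace_me";
  static final String MAPS = "AIzaSyB1cdEfGh2IjKlMnOpQrStUvWxYz345678";
  static final String S3 = "AKIAIOSFODNN7EXAMPLE";
}`

func main() {
	for _, f := range scanForSecrets(sampleDecompiledSource, 3.5) {
		fmt.Printf("line %d: %-20s %s\n", f.line, f.kind, f.value)
	}
}
```

On the sample the prefix detectors catch the Google and AWS keys, the generic detector catches the consumer key, and the placeholder secret is dropped because its entropy (about 2.9 bits per character) is below the threshold. Feed it the output of `strings` on a binary or the source tree from a decompiler; the entropy threshold is a trade-off, so lower it when hunting and raise it when wiring the scan into CI.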

The recent push to focus on API security comes at a critical time, as more enterprises rely on enterprise mobility and therefore on mobile app connectivity. A recent survey of US- and UK-based security directors and mobile application developers found that 74% of respondents considered mobile apps critical to business success; respondents also reported that mobile apps help businesses earn revenue and let customers access services.

Additionally, 45% of respondents in this same survey said that an attack against APIs that took a mobile app offline would have a significant impact on their business. These results only affirm what we already know – mobile apps are critical to enterprise mobility and productivity.

API security risks can lead to full device takeover

While APIs have many advantages, their ubiquitous use in mobile applications is also a glaring…

Source…