Netanyahu’s Likud Party election app leaked personal info on Israel’s 6.4M voters
Monday, February 10, 2020
Exposed was voters’ personal information, including names, addresses and identity card numbers as well as phone numbers and gender.
“Security weaknesses affecting APIs are rapidly becoming one of the most critical aspects of modern application security,” said Ilia Kolochenko, Founder and CEO of ImmuniWeb.
As was evident with the IowaReporter app that wreaked such havoc last week for the Democrats, testing is often given short shrift.
The apps “complexity and architectural obscurity hinder security testing with traditional tools and automated scanners,” Kolochenko said, leaving “many dangerous security flaws remain undetected for years.” As do attacks that exploit those flaws.
“The APIs are riddled with a full spectrum of OWASP API Security Top 10 issues, some of which are intertwined and require chained exploitation,” Kolochenko said. “Moreover, compared to web applications, virtually no APIs or web services are protected by a WAF, making them a perfect target for cybercriminals.” Read Full Article
SC Media: Active Directory domain controllers spreading ransomware: After Brexit, it’s .SaveTheQueen!
Forbes: Airport Security Shocker As 97% Of World’s Top 100 Fail Cybersecurity Testing