API Security

March has arrived and is roaring like a very confused lion, at least in the northern hemisphere. And much like in the wild, brood production is increasing. We’ve already seen some fruits of that labor, such as the Q4-2022 and 2022 Year-End ThreatStats™ Report, and some very tasty product upgrades. Read on for this month’s bit o’ honey.

Greetings everyone! We’ve been keeping an eye on the API threat landscape, and some notable API vulnerabilities…

In 2022, the Wallarm Threat Research team went through almost 350,000 reports to find 650 API-specific vulnerabilities, and tracked 115 published exploits impacting these vulnerabilities – all of which could negatively impact your business risk posture. The 2022 Year-End API ThreatStats™ Report presents the analysis and discussion of 2022 API vulnerability, exploit and (new, for this report) attack data. We also offer some predictions to help improve your API security in 2023. According to John…

The Wallarm Detect team has found in-the-wild exploit attempts against CVE-2022-31678 and CVE-2021-39144. The original vulnerabilities were found in VMware NSX Manager at the end of last year and can lead to remote code execution (RCE) by pre-authenticated attackers. CVE-2022-31678 was found in VMware NSX Manager and exposes the software to XXE (XML External Entity Injection) attacks; when combined with CVE-2021-39144, which affects the third-party library XStream, this can…

We’re pleased to present the latest quarterly review and analysis of API vulnerabilities and exploits. This time, we’re going to split our discussion into two parts: today this quarterly review, and soon hereafter our year-in-review report. The Q4-2022 ThreatStats™ Report infographic is entitled “Mind the API Time-to-Exploit Gap” because we found a startling negative change in the time between an API CVE being published (which is when most of us find out about a vulnerability)…

Argo CD is a popular Continuous Deployment tool that enables DevOps teams to manage their applications across multiple environments. However, in the past two weeks, three critical vulnerabilities have been detected in the tool, exposing sensitive information and compromising the security of the system. In this article, we will discuss the three vulnerabilities and their impact on the system, as well as the patches and workarounds available. Let’s dive into it! The first vulnerability (CVE-2023-22736)…

ImageMagick is a popular open-source image manipulation library used by many websites and software applications to process and display images. Two vulnerabilities, CVE-2022-44267 and CVE-2022-44268, were recently discovered in ImageMagick by MetabaseQ; they allow attackers to read arbitrary files and cause a DoS on the affected system. The payload needed to exploit these vulnerabilities is simple, which makes it easier for attackers to take advantage of them. Example of first exploitation payload…