Researchers at Cequence Security today published new information about a recent surge in API attacks, a major source of vulnerability that Cequence believes businesses aren’t sufficiently protecting against. “Tales from the Front Line” offers an insider’s analysis of one customer’s data (anonymized) from specific API attacks over the last four weeks. CQ Prime researchers found:
- up to an 85% week over week increase in malicious traffic since the pandemic lockdown
- the Android Login API is a significant target
- attackers continuously vary the attack fingerprint to gain success – one campaign showed almost 1.5 million IP addresses using over 4 million different user agents
- attackers often find unsecured API endpoints through enumeration
- in some cases, malicious bots generate up to 80-90% of all traffic – requiring expensive operational build-out
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.