all InfoSec news
The Dell API Breach: It could have been prevented
May 17, 2024, 5:26 p.m. | Hadar Freehling
Security Boulevard securityboulevard.com
As you may have seen in the news, a hacker stole 49 million customer records from Dell. The attack wasn’t novel or sophisticated. Instead, the attacker used a business logic flaw and an API to scrape 49 million records from Dell.
How did they do it? Here is the attack flow.
The attacker registered for an account within the Dell ecosystem to be a reseller/partner. They weren’t going to be. But Dell didn’t perform any checks, and within 48 hours, …
api attack attacker breach business customer dell flaw flow hacker in the news logic may novel records scrape
More from securityboulevard.com / Security Boulevard
Understanding Credential Phishing
1 day, 6 hours ago |
securityboulevard.com
Understanding Business Email Compromise (BEC)
1 day, 7 hours ago |
securityboulevard.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC