all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

API Abuse – Lessons from the Duolingo Data Scraping Attack

Add to bookmarks
Aug. 25, 2023, 4:50 p.m. | Tim Erlin

Security Boulevard securityboulevard.com

It’s been reported that 2.6 million user records sourced from the Duolingo app are for sale. The attacker apparently obtained them from an open API provided by the company. There’s a more technical explanation available here.  While we talk a lot about the vulnerabilities in the OWASP API Top-10 and the exploits associated with those [...]


The post API Abuse – Lessons from the Duolingo Data Scraping Attack appeared first on Wallarm.


The post API Abuse – Lessons from …

abuse api api abuse api discovery api security app application security attack data data scraping duolingo owasp owasp api owasp top 10 rate limiting sale scraping technical the company vulnerabilities

Visit resource

More from securityboulevard.com / Security Boulevard

USENIX Security ’23 – Beyond Typosquatting: An In-depth Look at Package Confusion 15 hours ago | securityboulevard.com
access authors beyond conference +19
Breaking Down Cybersecurity: The Real Meaning Behind the Jargon 20 hours ago | securityboulevard.com
authenticity availability breaking cia +19
What is General Data Protection Regulation Act (GDPR)? 21 hours ago | securityboulevard.com
act adoption center challenges +32
Cloud Monitor Automation Improves K-12 Cybersecurity Training & Awareness 1 day, 7 hours ago | securityboulevard.com
automation awareness chief cloud +28
USENIX Security ’23 – UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware 1 day, 11 hours ago | securityboulevard.com
access authors conference events +15
Local Privilege Escalation Vulnerability in Ant Media Server (CVE-2024-32656) 1 day, 12 hours ago | securityboulevard.com
ant application customers cve +21
Understanding Cybersecurity Vulnerabilities 1 day, 12 hours ago | securityboulevard.com
advice attacks can cybersecurity +12
Bridging the Gap: Uniting Development and AppSec 1 day, 13 hours ago | securityboulevard.com
application security appsec aspm bridging the gap +20
Open-Source Software Security 1 day, 15 hours ago | securityboulevard.com
blog blog post cloud cloud-native +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Compliance Advisor

@ SAP | Budapest, HU, 1031
View on infosec-jobs.com

DevSecOps Engineer

@ Qube Research & Technologies | London
View on infosec-jobs.com

Software Engineer, Security

@ Render | San Francisco, CA or Remote (USA & Canada)
View on infosec-jobs.com

Associate Consultant

@ Control Risks | Frankfurt, Hessen, Germany
View on infosec-jobs.com

Senior Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com
View more jobs