API Shield - New BOLA Vulnerability Detection for API Shield
7mo ago
Source: Cloudflare (cloudflare.com)

API Shield now automatically searches for and highlights Broken Object Level Authorization (BOLA) attacks on managed API endpoints. It highlights both BOLA enumeration attacks and BOLA pollution attacks, telling you what was attacked, by whom, and for how long. You can find these attacks in three places: Security Overview, Endpoint details, or Security Analytics. If no such attacks are found on your managed API endpoints, there will be no overview card and no Security Analytics suspicious activity card.

From the endpoint details, select View attack to see details about the BOLA attacker's sessions. From there, select View in Analytics to observe the attacker's traffic over time for the last seven days. The search is filtered to traffic on that endpoint in the last seven days, together with the malicious session IDs found in the attack. Session IDs are hashed for privacy and will not appear in your origin logs; use the IP address and JA4 fingerprint to cross-reference behavior at the origin. At any time, you can also start your investigation into attack traffic from Security Analytics by selecting the suspicious activity card.

We urge you to take all of this client information to your development team to research the attacker behavior and ensure that any broken authorization policies in your API are fixed at the source, in your application, preventing further abuse.

This release also marks the end of the beta period for these scans. All Enterprise customers with API Shield subscriptions will see these new attacks if they are found on their zone.
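Because the hashed session IDs shown in the dashboard do not appear in origin logs, cross-referencing at the origin has to key on the client IP and JA4 fingerprint instead. The following is an added example, not Cloudflare's code, of the kind of check a developer team might run over origin access logs to confirm a BOLA enumeration pattern: one (IP, JA4) pair walking many distinct object IDs on a single endpoint within a short window. The log line format, JA4 values, IPs and thresholds are all constructed assumptions.

```python
"""Flag BOLA-style object-ID enumeration in origin access logs (added example)."""
import re
from collections import defaultdict

# Constructed sample logs: "<unix_ts> <client_ip> <ja4> <method> <path>".
# One client walks sequential order IDs; two others fetch only their own order.
ENUMERATOR = ("203.0.113.5", "t13d1516h2_aaaaaaaaaaaa_bbbbbbbbbbbb")
LOG_LINES = [
    f"{1700000000 + i} {ENUMERATOR[0]} {ENUMERATOR[1]} GET /api/orders/{1000 + i}"
    for i in range(8)
] + [
    "1700000003 198.51.100.7 t13d1516h2_cccccccccccc_dddddddddddd GET /api/orders/2042",
    "1700000004 198.51.100.7 t13d1516h2_cccccccccccc_dddddddddddd GET /api/orders/2042/items",
    "1700000005 192.0.2.9 t13d1516h2_eeeeeeeeeeee_ffffffffffff GET /api/orders/3107",
]

# A numeric path segment is treated as an object ID (hypothetical API layout).
ID_SEGMENT = re.compile(r"/\d+(?=/|$)")


def parse(line):
    """Split one log line and collapse numeric IDs into an endpoint template."""
    ts, ip, ja4, method, path = line.split()
    return {
        "ts": int(ts), "ip": ip, "ja4": ja4, "method": method,
        "template": ID_SEGMENT.sub("/{id}", path),
        "ids": tuple(seg.lstrip("/") for seg in ID_SEGMENT.findall(path)),
    }


def find_enumeration(lines, min_distinct_ids=5, window_s=300):
    """Return {(ip, ja4, endpoint_template): peak_distinct_ids} for clients
    that requested at least min_distinct_ids distinct object IDs on one
    endpoint template within any window_s-second window."""
    events = defaultdict(list)  # (ip, ja4, template) -> [(ts, last_id)]
    for line in lines:
        rec = parse(line)
        if rec["ids"]:
            events[(rec["ip"], rec["ja4"], rec["template"])].append((rec["ts"], rec["ids"][-1]))
    hits = {}
    for key, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window_s:  # slide window forward
                start += 1
            distinct = {oid for _, oid in evs[start:end + 1]}
            if len(distinct) >= min_distinct_ids:
                hits[key] = max(len(distinct), hits.get(key, 0))
    return hits
```

A hit confirms the pattern at the origin; the fix remains an ownership check on every object lookup in the application, not a blocklist of fingerprints.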