Earlier this month, hacker Alexey V. Borodin discovered a method that allows some iOS app users to make "In-App Purchases" for FREE. Because Apple does not link purchases directly to individual customers or devices, a single receipt can be used for multiple transactions. Borodin's method takes advantage of this fact by fooling iOS apps into accepting fake purchase receipts and bypassing Apple’s authentication servers.
Epigen Senior Information Security Architect Trevor Bryant decides it's time to get smart about the art of securing APIs. As it turns out, there's no one-stop shop for getting smart about API security. Bryant retraces his steps as he attempts to become an overnight expert on API security.
As promised in my last blog, “Big Data, API, and IoT …..Newer technologies protected by older security”, here is a deep dive on Big Data security and how to secure Big Data effortlessly and effectively. Like many other open source models, Hadoop has followed a path that hasn’t focused much on security. Big Data needs to be secured properly in order to be used effectively.