Lots of #Kubernetes clusters end up with APIs publicly exposed on the internet. @binaryedgeio located many of them by testing IP-ADDRESS:PORT/api/v1/pods for various servers.
Lots seem to have already been hijacked by cryptominers. https://t.co/o6GuqYu4Bw
A relatively minor #Facebook API vulnerability: between Sept 13 and 25, their API gave developers access to more photos than users shared (marketplace, stories, drafts). No actual breach known. Potential impact: 6.8 mln users, 1,500 apps from 876 devs
End-of-the-year articles start popping up. In @businessinsider, @paigeleskin summarizes the 21 biggest data breaches of 2018. Lots are API-related. The list is obviously not comprehensive (Panera, etc. are missing) but shows the trend and scale of the issue! https://t.co/c65eO5yOM6
According to @donrucker, US Office of the National Coordinator for Health IT @ONC_HealthIT will soon release new requirements on standard open API for patient data access. The goal is to ensure #security yet enable mobile & other #healthcare apps. https://t.co/GtBrV94oN4