Zapier Storage Exposes Sensitive Customer Data Due to Poor User Choices
The Zenity research team recently discovered a potential customer data leak in Storage by Zapier, a service used for simple environment and state storage for Zap workflows. With only a few simple steps and no authentication, we were able to access sensitive customer data. Given the nature of this flaw, it would be easy for bad actors to recreate our approach and access the same sensitive data without significant expertise.
Is Credential Sharing the Weakest Link in Your Security Strategy?
You might think that the majority of cybersecurity breaches result from carefully planned and executed attacks. You may imagine hackers expertly crafting phishing emails to con employees into giving away access to critical systems, for example, or planting state-of-the-art malware on victims' servers.
Zenity CTO’s New Column Adds Critical Perspective on Citizen Development Security
Dark Reading is a great site to follow if you want to keep up with the latest IT security news and trends. You’ll find plenty of articles on topics like ransomware, supply chain security and insider threats. But one type of security challenge that wasn’t previously covered in a lot of detail on Dark Reading […]
Why Are Low-Code Platforms Becoming the New Holy Grail of Cyberattackers?
Low-code/no-code platforms for enterprise are booming. With more and more critical business assets now stored and handled by these platforms, it is essential to understand that low-code often leads to a large attack surface. This article will explore low-code/no-code from an attacker’s perspective to […]
For organizations to be more productive and agile in their development processes, understanding the core differences between low-code and no-code applications and platforms is vital. In this article, we take a closer look at low-code vs no-code, explore the benefits of each, and explain how design flaws and security vulnerabilities in these environments are addressed. […]