Категории

Trellos 15M API Breach: What the Hack?!?

Опубликовано: 14 Февраль 2024
на канале: Erik Wilde
1k
75

On January 16, 2024, an attacker by the name "emo" put 15,115,516 user profiles for sale on the dark web. What the Hack happened?!? Let's have a closer look at how this happened and what would have been necessary to prevent this from happening.

The user data included "emails, usernames, full names and other account info" according to the post on the dark web forum. While Trello user profiles are publicly accessible, they are not associated with personal email addresses. This breach connected the public info with the private email details.

In this video with Dan Barahona we look at how the breach took place, how the attacker leveraged weak authentication and collected 500M exposed email addresses to harvest 15M Trello user accounts, and learn how this attack maps to the API Security Top 10.

Read more about the breach here:

Register for APIsec University's free OWASP API Security Top 10 course here:

Visit the API Security Top 10 project page:

Смотрите видео Trellos 15M API Breach: What the Hack?!? онлайн без регистрации, длительностью 10 минут 49 секунд в хорошем hd качестве. Это видео добавил пользователь Erik Wilde 14 Февраль 2024, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 1 тысяч раз и оно понравилось 7 людям.

play_arrow
36,59
31

جرس كنيسة اللاتين الأثرية يدق في سماء بغداد الحبيبة A Historic Church in Baghdad

جرس كنيسة اللاتين الأثرية يدق في سماء بغداد الحبيبة A Historic Church in Baghdad
play_arrow
12,04
19

Река Большой Иргиз, город Пугачев

Река Большой Иргиз, город Пугачев
play_arrow
15,10
45

Меркантильная птица!

Меркантильная птица!

play_arrow
70
5

TWIST MASTR, SPEAKS! her TRUTH! on being a entrepreneur in Minnesota! Celebrity Clients, & MORE!!

TWIST MASTR, SPEAKS! her TRUTH! on being a entrepreneur in Minnesota! Celebrity Clients, & MORE!!
play_arrow
1

new song ke bare Arjun r mehda kya bole kab aa rha final song

new song ke bare Arjun r mehda kya bole kab aa rha final song
play_arrow
1,09
11

Увлекательная поездка в Калининград! Mitsubishi из Якутии! НА КОЛЁСАХ 12серия

Увлекательная поездка в Калининград! Mitsubishi из Якутии! НА КОЛЁСАХ 12серия
play_arrow
67,23
2.9 тыс

5 Graphic Design Elements For 2023

5 Graphic Design Elements For 2023
play_arrow
1,66
2

Kawasaki KFX 700, Prairie, How To Reset The Belt Light, Limp Mode

Kawasaki KFX 700, Prairie, How To Reset The Belt Light, Limp Mode
Похожие видео
play_arrow
Flow Engineering: From Value Stream Mapping to Effective Action

Flow Engineering: From Value Stream Mapping to Effective Action
play_arrow
Upcoming Events: API Days London 2024

Upcoming Events: API Days London 2024
play_arrow
Green IT: Reducing the Environmental Footprint of IT and APIs

Green IT: Reducing the Environmental Footprint of IT and APIs
play_arrow
OpenAPI Initiative Hangout: Introducing the Arazzo Specification

OpenAPI Initiative Hangout: Introducing the Arazzo Specification
play_arrow
End-to-end Automation of API Product Delivery

End-to-end Automation of API Product Delivery
play_arrow
State of Webhooks: How Webhooks are used in APIs in 2023

State of Webhooks: How Webhooks are used in APIs in 2023
play_arrow
Enabling Microservice Success: Managing Technical, Organizational, and Cultural Challenges

Enabling Microservice Success: Managing Technical, Organizational, and Cultural Challenges
play_arrow
AI as a Copilot for APIs: Generating and Using API SDKs

AI as a Copilot for APIs: Generating and Using API SDKs
play_arrow
Describing API Workflows: Introducing the Arazzo Specification

Describing API Workflows: Introducing the Arazzo Specification
play_arrow
Platform Engineering Maturity: How to build a Good Platform

Platform Engineering Maturity: How to build a Good Platform
play_arrow
Upcoming Events: API Days Helsinki 2024

Upcoming Events: API Days Helsinki 2024
play_arrow
Operations in Complex IT Landscapes: Governance as a Critical Ingredient

Operations in Complex IT Landscapes: Governance as a Critical Ingredient
play_arrow
Automating API Changelogs: How to improve API developer experience

Automating API Changelogs: How to improve API developer experience
play_arrow
Data Contracts: Creating APIs for Your Data

Data Contracts: Creating APIs for Your Data
play_arrow
Building Platforms with Intent: You can not not build a Platform

Building Platforms with Intent: You can not not build a Platform
play_arrow
Peloton's 4M User Breach: What the Hack?!?

Peloton's 4M User Breach: What the Hack?!?
play_arrow
Upcoming Events: API Days Singapore 2024

Upcoming Events: API Days Singapore 2024
play_arrow
This is not BBC! OpenAI Sora is the Future of Video

This is not BBC! OpenAI Sora is the Future of Video
play_arrow
Trello's 15M API Breach: What the Hack?!?

Trello's 15M API Breach: What the Hack?!?
play_arrow
The API Landscape: Tracking Trends, Technologies, and Products in the API Space

The API Landscape: Tracking Trends, Technologies, and Products in the API Space
play_arrow
What are Standard Webhooks and what can they do for you?

What are Standard Webhooks and what can they do for you?
play_arrow
Essentials of API Lifecycle Management: Free Webinar

Essentials of API Lifecycle Management: Free Webinar
play_arrow
API Futures 2024: Predictions from API Experts at API Days Paris 2023

API Futures 2024: Predictions from API Experts at API Days Paris 2023
play_arrow
Why Data Mesh: Decentralizing Data Management

Why Data Mesh: Decentralizing Data Management