FORT MEADE, Md. – The National Security Agency (NSA) has partnered with U.S. and international cyber agencies to release the Cybersecurity Advisory (CSA), “Preventing Web Application Access Control Abuse,” warning that vulnerabilities in web applications, including application programming interfaces (APIs), can allow malicious actors to manipulate and access sensitive data.
Malicious cyber actors can abuse web applications and APIs to compromise sensitive data, potentially affecting web applications and cloud-based services used by National Security Systems (NSS), the U.S. Department of Defense (DoD), and the Defense Industrial Base (DIB).