Techly NewsGet the app

Get the latest tech news

A Misconfiguration That Haunts Corporate Streaming Platforms Could Expose Sensitive Data


A security researcher discovered that flawed API configurations are plaguing corporate livestreaming platforms, potentially exposing internal company meetings—and he's releasing a tool to find them.

New findings presented today at the Defcon security conference in Las Vegas, though, indicate that streaming platforms used for things like internal corporate broadcasts and sports livestreams can contain basic design flaws that allow anyone to access a vast swath of content without logging in. Independent researcher Farzan Karimi first realized years ago that misconfigurations in application programming interfaces, or APIs, exposed streaming content to unauthorized access. But he emphasizes that more utilitarian platforms for corporate streaming and other live events—including always-on cameras in sports arenas and other venues that are meant to only be accessible at certain times—are likely vulnerable and exposing video that is thought to be protected.

Get the Android app

Or read this on Wired

Read more on:

Photo of sensitive data

sensitive data

Photo of misconfiguration

misconfiguration

Related news:

News photo

Browser Extensions Pose Serious Threat to Gen-AI Tools Handling Sensitive Data

News photo

Microsoft Used China-Based Support for Multiple U.S. Agencies, Potentially Exposing Sensitive Data

News photo

Microsoft Used China-Based Support for Multiple U.S. Agencies, Potentially Exposing Sensitive Data

« Should you upgrade to mesh? I compared it with a traditional Wi-Fi router, and here's my advice
The Troubling Decline in Conscientiousness »