Enter your email below to sign up for latest updates from Appcheck NG.


Simply complete the info below and we'll send you all you need to activate AppCheck NG and undertake your FREE scan.

Please enter individual IP addresses or ranges

Please enter full URLs for your web applications, and both http and https where appropriate

Advisory: Remote Code Execution Traccar Server <=4.0 (AC-2018-10-8-1)

Our security team discovered a Remote Code Execution (RCE) vulnerability in the GPS vehicle tracking system Traccar (version <= 4.0).  This allows an attacker to compromise the server’s host via a self-registered user account. If you use Traccar server, please update to >= v4.1 as soon as possible. Vulnerability Identification AppCheck ID: AC-2018-10-8-1 CVE: CVE-2018-1000881 Traccar Traccar is […]

Read More

BlackHat & Defcon 2018 Updates

Each year at the beginning of August the world’s best security researchers and hackers get together for two annual security conferences; Black hat and Defcon. Each conference takes place over three days where the latest and greatest new hacking techniques are presented. One thing is for sure, malicious actors are paying attention, and hope to […]

Read More

Is Your Development Life Cycle Truly Secure?

Is your Development Life Cycle truly secure? As app development becomes more complex and incorporates more features than ever, it is critical to make sure security testing is embedded in your security development life cycle. The appetite for faster release cycles has never been greater, but even if your organisation is rushing to production, code […]

Read More

The Importance of Regular Vulnerability Scanning

Why run regular security tests? As we probably all know, information security is a broad subject and for many of us understanding the different layers that can help within this spectrum can be at times difficult. In this blog we will look at the risk and what you as a business could do about it! […]

Read More

AppCheck & The GDPR

AppCheck & The GDPR at a glance Download the pdf here Appcheck and GDPR There is no doubt that the GDPR is serious business. AppCheck has noticed a significant shift in focus by company executives, taking a much more active interest in security matters since the GDPR, and specifically the fines were introduced. Naturally, with […]

Read More

Detect Rogue JavaScript Crypto-Miners with AppCheck

Browser based Crypto-Mining malware has made a dramatic resurgence in 2018 hitting the headlines on several occasions over the past month. Most recently, two major campaigns affecting thousands were reported by The Register with those affected ranging from YouTube to the UK’s Information Commissioner’s Office (Ref 1 Ref 2). Trend Micro reports an increase as high […]

Read More

Hacks, Trends and That GDPR Thing with AppCheck

With the door closed on another year within the ever-expanding cyber security industry, we can look back on some significant moments in 2017 and look forward to a very exciting year for AppCheck in 2018. We have all seen the major hacks that have been constantly reported in the media over 2017 and there is […]

Read More

AppCheck Discovers Vulnerability in Auth0 Library (CVE-2017-17068).

AppCheck discovered a security flaw within the auth0.js JavaScript library that could be exploited by a malicious website to read sensitive access tokens cross-domain. About Auth0 Auth0 provides authentication solutions for a variety of platforms including the ability to integrate social media authentication into an application. “We solve the most complex identity use cases with […]

Read More

New WordPress SQLi Vulnerability Uncovered

A new WordPress SQLi vulnerability has been discovered by security researchers in a WordPress core, it’s strongly recommended to update to version 4.8.3, the latest at the time of writing, if you haven’t done so already. AppCheck-NG had a plugin available in our scanner within hours of the vulnerability being disclosed (31/10/2017), the vulnerability exploits […]

Read More

Apache Struts (CVE-2017-9805)

Apache Struts (CVE-2017-9805) Security researchers announced (https://lgtm.com/blog/apache_struts_CVE-2017-9805_announcement), on 05 September 2017, a critical remote code execution vulnerability in Apache Struts. All Struts versions from 2008 are affected making web applications using the REST plugin vulnerable. It is recommended to upgrade to Apache Struts version 2.5.13 or 2.3.34. Exploitation of the vulnerability allows an attacker to […]

Read More
1 2 3 4