X CLOSE

Enter your email below to sign up for latest updates from Appcheck NG.

placeholder+image
CLOSE

Simply complete the info below and we'll send you all you need to activate AppCheck NG and undertake your FREE scan.

Please enter individual IP addresses or ranges

Please enter full URLs for your web applications, and both http and https where appropriate

AppCheck & The GDPR

AppCheck & The GDPR at a glance Download the pdf here Appcheck and GDPR There is no doubt that the GDPR is serious business. AppCheck has noticed a significant shift in focus by company executives, taking a much more active interest in security matters since the GDPR, and specifically the fines were introduced. Naturally, with […]

Read More

Detect Rogue JavaScript Crypto-Miners with AppCheck

Browser based Crypto-Mining malware has made a dramatic resurgence in 2018 hitting the headlines on several occasions over the past month. Most recently, two major campaigns affecting thousands were reported by The Register with those affected ranging from YouTube to the UK’s Information Commissioner’s Office (Ref 1 Ref 2). Trend Micro reports an increase as high […]

Read More

Hacks, Trends and That GDPR Thing with AppCheck

With the door closed on another year within the ever-expanding cyber security industry, we can look back on some significant moments in 2017 and look forward to a very exciting year for AppCheck in 2018. We have all seen the major hacks that have been constantly reported in the media over 2017 and there is […]

Read More

AppCheck Discovers Vulnerability in Auth0 Library (CVE-2017-17068).

AppCheck discovered a security flaw within the auth0.js JavaScript library that could be exploited by a malicious website to read sensitive access tokens cross-domain. About Auth0 Auth0 provides authentication solutions for a variety of platforms including the ability to integrate social media authentication into an application. “We solve the most complex identity use cases with […]

Read More

New WordPress SQLi Vulnerability Uncovered

A new WordPress SQLi vulnerability has been discovered by security researchers in a WordPress core, it’s strongly recommended to update to version 4.8.3, the latest at the time of writing, if you haven’t done so already. AppCheck-NG had a plugin available in our scanner within hours of the vulnerability being disclosed (31/10/2017), the vulnerability exploits […]

Read More

Apache Struts (CVE-2017-9805)

Apache Struts (CVE-2017-9805) Security researchers announced (https://lgtm.com/blog/apache_struts_CVE-2017-9805_announcement), on 05 September 2017, a critical remote code execution vulnerability in Apache Struts. All Struts versions from 2008 are affected making web applications using the REST plugin vulnerable. It is recommended to upgrade to Apache Struts version 2.5.13 or 2.3.34. Exploitation of the vulnerability allows an attacker to […]

Read More

Petya Ransomware: The Basics

Petya Ransomware: The Basics A little over two months on since WannaCry set the internet on fire, a new release of ransomware is spreading around the world, as experts unfortunately warned might happen. While the speed at which WannaCry spread was alarming, it was ultimately flawed by a botched sandbox evasion that acted as a […]

Read More

Critical Joomla 3.7 SQL Injection Vulnerability Patched

On the 17th of May 2017, the Joomla team issued a patch for a high severity security flaw that could allow a remote unauthenticated attacker to execute arbitrary SQL queries on the target system. A malicious attacker could exploit this flaw to read, create, modify and delete data stored within the database. It is also […]

Read More

WanaCrypt0r – Ransom Attack

WanaCrypt0r – Ransom Attack With the global spread of this particular malware on Friday and the media coverage it has received, it is understandable that many customers are wanting to know more about this threat and what they can do to protect against it. WannCrypt0r was an interesting step up in previous ransom ware for […]

Read More

New Apache Struts Zero Day Vulnerability Discovered

New Apache Struts Zero Day Vulnerability Discovered On the 6th March 2017 information security researchers have discovered a Zero-Day vulnerability in Apache Struts web application framework, which is being actively exploited in the wild and is under active attack. Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for creating elegant, modern Java web applications, […]

Read More
1 2 3 4