AppCheck Security Blog

Competition: Win a Year of FREE Unlimited Scanning

Would you like to win a year of free unlimited vulnerability scanning?

AppCheck will be giving away a FREE one year licence for our security scanning platform.
To enter just visit our stand (#F40) or either of our talks at the Digital Transformation Expo, fill out a competition entry form and hand to an AppCheck representative.

read more

Competition: Win a Year of FREE Unlimited Scanning

Would you like to win a year of free unlimited vulnerability scanning?

AppCheck will be giving away a FREE one year licence for our security scanning platform.
To enter just visit our stand (#F40) or either of our talks at the Digital Transformation Expo, fill out a competition entry form and hand to an AppCheck representative.

Read more

AppCheck is Celebrating its 5th Birthday!

AppCheck is celebrating its 5th birthday today!

As we look back on our success and look forward to many more years to come we would just like to thank all our hard working staff, dedicated customers and amazing partners for all their support! We couldn't do this without you.

Read more

Top Tech: Yorkshire Award

Top Tech: Yorkshire is an awards programme to celebrate the top tech companies in Yorkshire (if that wasn’t obvious from the name) in collaboration with Miils & Reeve and The Business Desk.

Since walking away with a trophy at the Top Tech: Yorkshire 2018 awards last year Mills & Reeve caught up with Lloyd Devey, sales and operations director of AppCheck. Read more about what he had to say.

Read more

vBulletin Zero Day Vulnerability Released by Anonymous Source

AppCheck's Head of Development states: "We have confirmed the exploit does work and is an unauthenticated RCE that attackers can exploit. Depending on the user level they access this could range from simply accessing data, editing it or even full system takeover. Earlier today we have included a plug-in for our customers to identify and safely exploit this vulnerability."

Read more

Data Breach Report: 17 Million Ecuador Citizen's Personal Data Leaked

A recent data leak discovered by vpnMentor security researchers and reported by The Register includes most of Ecuador’s 16.6 million population including 6.7 million children.
The size of the data leak actually totals around 20.8 million user records once duplicate records and even records of deceased persons are factored in.
Most of the data appears to have come from the Ecuadorian government's civil registry and included personal data to the effect of full names, dates of birth, address details, national identification numbers, marital status, phone numbers, education levels and even bank details such as current balances.

Read more

AppCheck Webinar: Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) is by far the most widespread high impact vulnerability, present even in the best of web applications, regardless of the framework or programming language employed - a burly steadfast member of the OWASP Top Ten.
Here at AppCheck the client-side nature of typical XSS has led to a general underappreciation of its exploitation potential, though a good understanding of the vulnerability and its subtle variations will show how it can be used to devastating effect... and more importantly: how it can be avoided.
In this seminar we will build up piece-by-piece an understanding of XSS that spares no detail.

Read more

8 Tips to Improve IT Security for SMEs

When we think of cyber-attacks our minds often flash to larger corporations and massive data leaks for millions of customers, but these are just the ones we see reported in the news. In fact the Verizon 2019 Data Breach Report found that 43% of breaches involved small business victims.

Cyber-attacks are on the rise and for most SMEs trying to get your head around them and protect your business can be a daunting and difficult task. We have complied a list of 8 steps to help prevent breaches including practical advice on what to do should a breach occur.

Read more

British Airways fined £183m following recent cyber attack

Since the introduction of GDPR regulations in May 2018 the possible consequences of hacks have increased with data breaches now potentially leading to large fines.

At the back end of last year British Airways became a target of a cyber attack which compromised the financial data of it’s customers.
For a period of around 2 weeks hackers exploited the British Airlines website undetected, being able to access personal and financial details of customers, believed to be around 400,000. Being able to access names, addresses, credit card numbers, expiry dates and even three-digit CVV codes on the back of the cards gave the hackers everything they needed to make fraudulent payments.

Read more

Amazon S3 Buckets Expose Data of Major Companies

Three AWS S3 Buckets, owned by data management company Attunity, have exposed customer data of some major global companies. This data was found on publicly accessibly Amazon S3 Buckets which were not password protected and includes email correspondence, system passwords, sales and marketing contact information, project specifications and employee personal data. The total size of the leak is still unclear.

Read more

Is Your Development Life Cycle Truly Secure?

As app development becomes more complex and incorporates more features than ever, it is critical to make sure security testing is embedded in your security development life cycle. The appetite for faster release cycles has never been greater, but even if your organisation is rushing to production, code needs to be secure before it is deployed.

Read more