AppCheck Security Blog

Top Tech: Yorkshire Award

Top Tech: Yorkshire is an awards programme to celebrate the top tech companies in Yorkshire (if that wasn’t obvious from the name) in collaboration with Miils & Reeve and The Business Desk.

Since walking away with a trophy at the Top Tech: Yorkshire 2018 awards last year Mills & Reeve caught up with Lloyd Devey, sales and operations director of AppCheck. Read more about what he had to say.

read more

Top Tech: Yorkshire Award

Top Tech: Yorkshire is an awards programme to celebrate the top tech companies in Yorkshire (if that wasn’t obvious from the name) in collaboration with Miils & Reeve and The Business Desk.

Since walking away with a trophy at the Top Tech: Yorkshire 2018 awards last year Mills & Reeve caught up with Lloyd Devey, sales and operations director of AppCheck. Read more about what he had to say.

Read more

vBulletin Zero Day Vulnerability Released by Anonymous Source

AppCheck's Head of Development states: "We have confirmed the exploit does work and is an unauthenticated RCE that attackers can exploit. Depending on the user level they access this could range from simply accessing data, editing it or even full system takeover. Earlier today we have included a plug-in for our customers to identify and safely exploit this vulnerability."

Read more

Web Application Security Seminar - November 2019

Web Application Security Seminar

A Practical View of the Most Common Threats Facing Web Apps Today
The Web Application Security seminar is a free event that presents a detailed analysis of the most common threats facing web applications today. We will review high profile examples and provide a technical breakdown of critical security flaws along with an introduction into emerging technologies such as HTML5.
Each candidate will receive a copy of the slides and exclusive tools and exploit code used in the live hacking demonstrations.

Read more

What is SDLC? Software Development Life Cycle Explained

The managed and coordinated development of software is typically modelled using something known as the Software Development Life Cycle. Although exact processes will vary between companies – and sometimes between teams within a company – the SDLC model divides the process of software development work into universal and distinct high-level phases.

Read more

Case Study - Leeds Credit Union

We always like it when companies take proactive steps towards IT security – even better when they are based in Leeds and we get to support a local business.

See what Leeds Credit Union had to say about us when we sat down and caught up with their IT team.

Read more

Data Breach Report: 17 Million Ecuador Citizen's Personal Data Leaked

A recent data leak discovered by vpnMentor security researchers and reported by The Register includes most of Ecuador’s 16.6 million population including 6.7 million children.
The size of the data leak actually totals around 20.8 million user records once duplicate records and even records of deceased persons are factored in.
Most of the data appears to have come from the Ecuadorian government's civil registry and included personal data to the effect of full names, dates of birth, address details, national identification numbers, marital status, phone numbers, education levels and even bank details such as current balances.

Read more

AppCheck Webinar: Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) is by far the most widespread high impact vulnerability, present even in the best of web applications, regardless of the framework or programming language employed - a burly steadfast member of the OWASP Top Ten.
Here at AppCheck the client-side nature of typical XSS has led to a general underappreciation of its exploitation potential, though a good understanding of the vulnerability and its subtle variations will show how it can be used to devastating effect... and more importantly: how it can be avoided.
In this seminar we will build up piece-by-piece an understanding of XSS that spares no detail.

Read more

Unicode Normalization Vulnerabilities & the Special K Polyglot

Many applications and systems have adopted Unicode as a method of encoding and storing string data. This blog post looks at some of the security flaws that can arise due to Unicode Normalization in modern web applications.

Read more

Case Study - The Royal College of Emergency Medicine

'A major factor in choosing AppCheck was that it quickly shows the areas we need to act on and eliminates the guesswork.' See what The Royal College of Emergency Medicine had to say about us when we sat down and caught up with their IT team.

Read more

8 Tips to Improve IT Security for SMEs

When we think of cyber-attacks our minds often flash to larger corporations and massive data leaks for millions of customers, but these are just the ones we see reported in the news. In fact the Verizon 2019 Data Breach Report found that 43% of breaches involved small business victims.

Cyber-attacks are on the rise and for most SMEs trying to get your head around them and protect your business can be a daunting and difficult task. We have complied a list of 8 steps to help prevent breaches including practical advice on what to do should a breach occur.

Read more