AppCheck Security Blog

FEATURED POST

**CRITICAL RISK** CVE-2023-27532 Veeam (Multiple Products) – Total Compromise of Host via Unauthorised Access to Credentials in Configuration Database

read more
Filter by:
View all
Case Studies
Events
General
News
Product
Research
Security Alerts
Appcheck - icons

Known Actively Exploited Vulnerabilities Round-up (19.04.24-25.04.24)

This article covers recent vulnerabilities found to be actively exploited. They are categorised based not only on the category of exploitation, but their impact, and versions affected. This article also informs on any official fix and remediation guidance for the listed vulnerabilities.
Read More
Appcheck - icons

Product Update: Windows Patch Detection Enhancements

This new feature update streamlines the process of checking for these changes by automatically scanning Windows devices to identify any missing patches and check for specific patch configurations, such as registry settings. These missing patches and configurations are then cross-referenced against our internal database, known as VulnFeed.
Read More
Appcheck - icons

AppCheck Security Seminar June 2024

If you think you would benefit from understanding how hackers are actively exploiting web applications and APIs today, including hacking demonstrations, prevention techniques, a review of the latest hacks, and a detailed overview of the vulnerability threat landscape, please respond today to secure your seats. (We’ll also take a sneak peek into the benefits, challenges, and recommendations for automated security testing of complex Web Applications and APIs)
Read More
Appcheck - icons

CVE-2024-3400: Palo Alto Networks PAN-OS < v11.1.2 – Unauthorised Execution of Arbitrary Code (RCE) via Command Injection Vulnerability in GlobalProtect Feature

A command injection vulnerability exists in the GlobalProtect feature of Palo Alto Networks PAN-OS software with the configurations for both GlobalProtect gateway and device telemetry enabled. The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Read More
Appcheck - icons

What are ‘Daisy-Chaining’, ‘Pivot Attacks’ and ‘Blended Threats’?

In this blog post we look at what daisy-chaining, blended threats and pivoting mean within a cybersecurity context, the differences between them, and what they can tell us about how attackers go about exploiting weaknesses in an organisation’s cybersecurity attack surface. We wrap up by summarising how this knowledge can be used to better protect against the potentially devastating attacks and exploits they can deliver.
Read More
Appcheck - icons

Single Sign-On (SSO) Now Supported

We’d like to introduce the latest feature to the AppCheck platform: Single Sign-On (SSO). This enhancement stems from customer feedback and has been added to simplify customer access experience. Below we cover what this feature includes, how this benefits our customers and how SSO streamlines access to our platform and integrated services.
Read More

Get in touch

Start your free trial

Simply complete the form and we’ll send you all you need to activate AppCheck and undertake your FREE scan.
Your details
IP Addresses
URLs