AppCheck Security Blog
Featured post
AppCheck & The GDPR
/ Posted March 15, 2018
There is no doubt that the GDPR is serious business. AppCheck has noticed a significant shift in focus by company executives, taking a much more active interest in security matters since the GDPR, and specifically the fines were introduced. Naturally, with that comes a never-ending list of vendors claiming to solve the GDPR problem. In truth, no one product or service can achieve compliance, rather the GDPR requires a strategy that includes a thorough understanding of your responsibilities, exposure and requirements to demonstrate compliance with the six principals of the GDPR.
read moreFilter by:
AppCheck & The GDPR
News Product / Posted March 15, 2018
There is no doubt that the GDPR is serious business. AppCheck has noticed a significant shift in focus by company executives, taking a much more active interest in security matters since the GDPR, and specifically the fines were introduced. Naturally, with that comes a never-ending list of vendors claiming to solve the GDPR problem. In truth, no one product or service can achieve compliance, rather the GDPR requires a strategy that includes a thorough understanding of your responsibilities, exposure and requirements to demonstrate compliance with the six principals of the GDPR.
Read moreDetect Rogue JavaScript Crypto-Miners with AppCheck
News Product / Posted February 14, 2018
Browser based Crypto-Mining malware has made a dramatic resurgence in 2018 hitting the headlines on several occasions over the past month. Most recently, two major campaigns affecting thousands were reported by The Register with those affected ranging from YouTube to the UK’s Information Commissioner’s Office.
Read moreHacks, Trends and That GDPR Thing with AppCheck
Events Product / Posted January 08, 2018
With the door closed on another year within the ever-expanding cyber security industry, we can look back on some significant moments in 2017 and look forward to a very exciting year for AppCheck in 2018.
Read moreAppCheck Discovers Vulnerability in Auth0 Library (CVE-2017-17068)
Research Security Alerts / Posted December 13, 2017
AppCheck discovered a security flaw within the auth0.js JavaScript library that could be exploited by a malicious website to read sensitive access tokens cross-domain.
Read moreNew WordPress SQLi Vulnerability Uncovered
Security Alerts / Posted November 01, 2017
A new WordPress SQLi vulnerability has been discovered by security researchers in a WordPress core, it’s strongly recommended to update to version 4.8.3, the latest at the time of writing, if you haven’t done so already.
Read moreApache Struts (CVE-2017-9805)
Security Alerts / Posted September 06, 2017
Security researchers announced on 05 September 2017, a critical remote code execution vulnerability in Apache Struts.
Read morePetya Ransomware: The Basics
Security Alerts / Posted June 28, 2017
A little over two months on since WannaCry set the internet on fire, a new release of ransomware is spreading around the world, as experts unfortunately warned might happen.
Read moreCritical Joomla 3.7 SQL Injection Vulnerability Patched
Product Security Alerts / Posted May 18, 2017
On the 17th of May 2017, the Joomla team issued a patch for a high severity security flaw that could allow a remote unauthenticated attacker to execute arbitrary SQL queries on the target system. A malicious attacker could exploit this flaw to read, create, modify and delete data stored within the database. It is also possible to gain administrator control of the Joomla CMS and execute PHP code on the affected server by exploiting this flaw.
Read moreWanaCrypt0r – Ransom Attack
Security Alerts / Posted May 13, 2017
With the global spread of this particular malware on Friday and the media coverage it has received, it is understandable that many customers are wanting to know more about this threat and what they can do to protect against it.
Read moreNew Apache Struts Zero Day Vulnerability Discovered
Security Alerts / Posted March 09, 2017
On the 6th March 2017 information security researchers have discovered a Zero-Day vulnerability in Apache Struts web application framework, which is being actively exploited in the wild and is under active attack. Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for creating elegant, modern Java web applications, which supports REST, AJAX, and JSON.
Read more