AppCheck Security Blog
Featured post
SlowLoris – Remarkably Little To Do With Lemurs
/ Posted February 28, 2017
We don’t get many Lorises (or Lemurs for that matter) in the AppCheck offices – probably something to with the climate - so we don’t know much about them, other than that with a top speed of 1.2 miles per hour going flat out, you’d probably not be backing one in a race against anything much other than their even-tardier distant cousins the two-toed sloth.
But since we’re in the vulnerability-scanning game here at AppCheck, we’re going to take a look at the web application vulnerability that is the namesake of this insectivorous tropical quadruped
read moreFilter by:
SlowLoris – Remarkably Little To Do With Lemurs
Research / Posted February 28, 2017
We don’t get many Lorises (or Lemurs for that matter) in the AppCheck offices – probably something to with the climate - so we don’t know much about them, other than that with a top speed of 1.2 miles per hour going flat out, you’d probably not be backing one in a race against anything much other than their even-tardier distant cousins the two-toed sloth.
But since we’re in the vulnerability-scanning game here at AppCheck, we’re going to take a look at the web application vulnerability that is the namesake of this insectivorous tropical quadruped
Read moreDetecting and Exploiting the PHPMailer RCE
Research Security Alerts / Posted January 04, 2017
On the 25th of December 2016, a security researcher disclosed a critical security flaw within a popular PHP library used to send emails. The PHPMailer library is used by more than 9 million websites worldwide and is bundled with popular open source PHP content management systems such as WordPress. At worst the flaw could be exploited to execute arbitrary PHP code on the affected system. This would allow the remote attacker to take complete control of the application and launch further attacks against the system and internal network. PHPMailer versions below 5.2.20 are affected along with a number of other libraries that include the vulnerable code; such as SwiftMail and the Zend Framework.
Read moreHigh Severity Joomla Vulnerability Patched
Security Alerts / Posted October 26, 2016
On the 25th of October 2016, the Joomla team issued a patch for a high severity security flaw that could allow a remote unauthenticated attacker to create administrative accounts on the target system. AppCheck was updated on the same day to detect and safely exploit the vulnerability.
Read moreHunting HTML 5 PostMessage Vulnerabilities
News Product Research / Posted August 10, 2016
AppCheck partnered with Sec-1 Ltd to undertake a research project investigating the security challenges posed by next generation web applications. The project included an investigation of Cross-Origin communication mechanisms provided via HTML5 including postMessage and CORS.
One of the key findings from the research shows that vulnerabilities introduced through an insecure postMessage implementation are frequently missed by security scanners and consultants performing manual review.
Read moreWordPress 4.5.1 Cross-Site Scripting (CVE-2016-4566)
Security Alerts / Posted May 12, 2016
WordPress versions 4.5.1 and earlier are affected by a XSS vulnerability through Plupload,the third-party library WordPress uses for uploading files. WordPress versions 4.2 through 4.5.1 are vulnerable to reflected XSS using specially crafted URIs through MediaElement.js, the third-party library used for media players. MediaElement.js and Plupload have also released updates fixing these issues.
Read moreCritical Security Flaw in ImageMagick (imagetragick)
Security Alerts / Posted May 06, 2016
A vulnerability with a widely deployed image processing library was disclosed on the 5th of May 2016. Within an hour of the disclosure AppCheck NG was updated to detect the flaw.
A Practical View of the Most Common Threats Facing Web Apps Today
The Web Application Security seminar is a free event that presents a detailed analysis of the most common threats facing web applications today. We will review high profile examples and provide a technical breakdown of critical security flaws along with an introduction into emerging technologies such as HTML5.
Each candidate will receive a copy of the slides and exclusive tools and exploit code used in the live hacking demonstrations.
Remote Code Execution Flaw in Apache Struts 2.3.20-2.3.28
Security Alerts / Posted April 23, 2016
A vulnerability in Apache Struts 2.3.20-2.3.28* could allow an unauthenticated, remote attacker to execute arbitrary code on a target server.
Read moreCritical: Remote Command Execution in WordPress Form Manager Plugin (CVE-2015-7806)
Research Security Alerts / Posted October 23, 2015
On the 9th October researchers at AppCheck NG discovered a critical Remote Command Execution (RCE) in the popular WordPress plugin Form Manager which allows an attacker with an unprivileged account (including a self-registered account) to execute arbitrary commands on the host. The vulnerability was reported and fixed on the 12th October.
Read moreDetecting Delayed Execution Vulnerabilities
News Product Research / Posted October 08, 2015
AppCheck Sentinel is an external monitoring system designed to detect Out-of-Band events such as DNS Lookups and HTTP requests. Its’ function in Web Application scanning is to aid the detection of vulnerabilities that cannot be identified through the use of conventional scanning techniques.
Read moreAdobe Fixes HTML5 PostMessage Security Flaw
News Research / Posted July 31, 2015
AppCheck has identified a significant security flaw affecting a common JavaScript component provided as part of the Adobe Marketing Cloud. The flaw affected many high profile applications including several banking sites and well known .com organisations, and has now been fixed by the vendor.
Read more