AppCheck Security Blog

FEATURED POST

The importance of regular vulnerability scanning

Appcheck - icons
Our technical team was feeling extremely festive…so we asked them to write a poem
Appcheck - icons
A remote code execution vulnerability (CVE-2021-44228) is affecting multiple versions of the Apache Log4j 2 library.
Appcheck - icons
This webinar hopes to build up an understanding of authentication vulnerabilities, working from the most basic to more intricate scenarios, sparing no detail whilst remaining accessible to non-technical audiences. Straight from the stage of Digital Transformation Expo, this webinar has received some excellent feedback and is not one to be missed.
Appcheck - icons
A successful exploit of a DNS rebinding attack turns a victim’s browser into a proxy for attacking screened devices on the user’s private network, which are not exposed to the public internet. Rather than being a “standalone” vulnerability, it is typically used to enable further, onward attacks against devices that an individual or organisation may believe are inaccessible to attackers. DNS rebinding attacks aren’t as well known of or understood by organisations in the same way as household-name exploits such as “XSS”, and so many organisations may not have explicit protection measures in place.
Appcheck - icons
In this article we’re going to take a look at so-called “Session Puzzling Attacks.” So in this article we’re going to step through a full explanation of typical session handling mechanisms, how the vulnerability can arise within them, and how to prevent vulnerabilities of this class.
Appcheck - icons
HTTP Descynchronisation attacks are a type of attack within a wider class of exploits known as HTTP request smuggling attacks that aim to cause confusion as to where the boundaries of individual HTTP requests begin and end.

Get in touch

Please enable JavaScript in your browser to complete this form.
Name

Start your free trial

Your details
IP Addresses
URLs