AppCheck Security Blog

Competition: Win a Year of FREE Unlimited Scanning

Would you like to win a year of free unlimited vulnerability scanning?

AppCheck will be giving away a FREE one year licence for our security scanning platform.
To enter just visit our stand (#F40) or either of our talks at the Digital Transformation Expo, fill out a competition entry form and hand to an AppCheck representative.

read more

Competition: Win a Year of FREE Unlimited Scanning

Would you like to win a year of free unlimited vulnerability scanning?

AppCheck will be giving away a FREE one year licence for our security scanning platform.
To enter just visit our stand (#F40) or either of our talks at the Digital Transformation Expo, fill out a competition entry form and hand to an AppCheck representative.

Read more

AppCheck & Cantarus co-hosted Webinar

The latest statistics show that 43% of businesses have experienced a data breach in the last 12 months and roughly 1 in 4 organisations will experience a hack in the next year. What measures do you currently have in place to avoid this? Is your current testing strategy enough to stay ahead of the hackers?
This complimentary session will help give your business a brief insight into the many layers of website and web application security.

Read more

AppCheck is Celebrating its 5th Birthday!

AppCheck is celebrating its 5th birthday today!

As we look back on our success and look forward to many more years to come we would just like to thank all our hard working staff, dedicated customers and amazing partners for all their support! We couldn't do this without you.

Read more

Top Tech: Yorkshire Award

Top Tech: Yorkshire is an awards programme to celebrate the top tech companies in Yorkshire (if that wasn’t obvious from the name) in collaboration with Miils & Reeve and The Business Desk.

Since walking away with a trophy at the Top Tech: Yorkshire 2018 awards last year Mills & Reeve caught up with Lloyd Devey, sales and operations director of AppCheck. Read more about what he had to say.

Read more

vBulletin Zero Day Vulnerability Released by Anonymous Source

AppCheck's Head of Development states: "We have confirmed the exploit does work and is an unauthenticated RCE that attackers can exploit. Depending on the user level they access this could range from simply accessing data, editing it or even full system takeover. Earlier today we have included a plug-in for our customers to identify and safely exploit this vulnerability."

Read more

Web Application Security Seminar - November 2019

Web Application Security Seminar

A Practical View of the Most Common Threats Facing Web Apps Today
The Web Application Security seminar is a free event that presents a detailed analysis of the most common threats facing web applications today. We will review high profile examples and provide a technical breakdown of critical security flaws along with an introduction into emerging technologies such as HTML5.
Each candidate will receive a copy of the slides and exclusive tools and exploit code used in the live hacking demonstrations.

Read more

Case Study - Leeds Credit Union

We always like it when companies take proactive steps towards IT security – even better when they are based in Leeds and we get to support a local business.

See what Leeds Credit Union had to say about us when we sat down and caught up with their IT team.

Read more

Data Breach Report: 17 Million Ecuador Citizen's Personal Data Leaked

A recent data leak discovered by vpnMentor security researchers and reported by The Register includes most of Ecuador’s 16.6 million population including 6.7 million children.
The size of the data leak actually totals around 20.8 million user records once duplicate records and even records of deceased persons are factored in.
Most of the data appears to have come from the Ecuadorian government's civil registry and included personal data to the effect of full names, dates of birth, address details, national identification numbers, marital status, phone numbers, education levels and even bank details such as current balances.

Read more

AppCheck Webinar: Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) is by far the most widespread high impact vulnerability, present even in the best of web applications, regardless of the framework or programming language employed - a burly steadfast member of the OWASP Top Ten.
Here at AppCheck the client-side nature of typical XSS has led to a general underappreciation of its exploitation potential, though a good understanding of the vulnerability and its subtle variations will show how it can be used to devastating effect... and more importantly: how it can be avoided.
In this seminar we will build up piece-by-piece an understanding of XSS that spares no detail.

Read more

Unicode Normalization Vulnerabilities & the Special K Polyglot

Many applications and systems have adopted Unicode as a method of encoding and storing string data. This blog post looks at some of the security flaws that can arise due to Unicode Normalization in modern web applications.

Read more