AppCheck Security Blog

FEATURED POST

Broken Authentication

read more
Filter by:
View all
Case Studies
Events
General
News
Product
Research
Security Alerts
Appcheck - icons

**CRITICAL RISK** CVE-2023-4911 GNU/Linux Operating Systems – Unauthorised Execution of Arbitrary Code via Buffer Overflow Exploit (a.k.a. “Looney Tunables”)

Meep meep! and Thufferin’ Thuccotash! It must be Wabbit Season in vulnerability management – a critical buffer overflow vulnerability dubbed “Looney Tuneables” is being actively exploited (likely by varmints) in GNU/Linux Operating Systems, so ¡Andale! ¡Andale! Time to get patching! Full details below:
Read More
Appcheck - icons

DAST in DevOps: Why It Matters

DevOps is a popular practice, especially among large organizations. However, while it comes with numerous benefits, it presents numerous risks as well. One notable challenge is the increased velocity of deployment, which often complicates how developers implement and ensure application security throughout the development and deployment process.
Read More
Appcheck - icons

Web Application Security Seminar January 2024

If you think you would benefit from understanding how hackers are actively exploiting web applications and APIs today, including hacking demonstrations, prevention techniques, a review of the latest hacks, and a detailed overview of the vulnerability threat landscape, please respond today to secure your seats. (We’ll also take a sneak peek into the benefits, challenges, and recommendations for automated security testing of complex Web Applications and APIs)
Read More
Appcheck - icons

What does it mean when people say security is like an onion?

In this blog post, we look at what the “security onion” model encompasses, how it can be applied, and what value this provides to an organisation’s cybersecurity programme and initiatives.
Read More
Appcheck - icons

Cyber Security Nightmares

Bathed in digital moonlight (glow from a monitor), amidst the web’s labyrinthine threads, our fearless cyber security experts set out to confront your digital adversaries. It’s time to peek out from behind your fingers and explore the spine-chilling world of web application vulnerabilities!
Read More
Appcheck - icons

**CRITICAL RISK** CVE-2023-5631 Roundcube Webmail < v1.6.4 – Stored (Persistent) Cross-Site Scripting (‘XSS’) via JavaScript Injection in SVG Tags

Roundcube is a web-based IMAP email client. Roundcube’s most prominent feature is the pervasive use of Ajax technology. Roundcube is written in PHP and can be employed in conjunction with a LAMP stack, or any other operating systems that support PHP are supported as well. Roundcube Webmail is designed to run on standard web servers such as Apache, LiteSpeed, Nginx, Lighttpd, Hiawatha or Cherokee in conjunction with a relational database engine. Supported databases are MySQL, PostgreSQL and SQLite. The user interface is rendered in XHTML and CSS. Roundcube incorporates jQuery as part of its distribution, as well as other libraries such as GoogieSpell and TinyMCE.
Read More

Get in touch

Start your free trial

Simply complete the form and we’ll send you all you need to activate AppCheck and undertake your FREE scan.
Your details
IP Addresses
URLs