AppCheck news & events

8 Tips to Improve IT Security for SMEs

When we think of cyber-attacks our minds often flash to larger corporations and massive data leaks for millions of customers, but these are just the ones we see reported in the news. In fact the Verizon 2019 Data Breach Report found that 43% of breaches involved small business victims.

Cyber-attacks are on the rise and for most SMEs trying to get your head around them and protect your business can be a daunting and difficult task. We have complied a list of 8 steps to help prevent breaches including practical advice on what to do should a breach occur.

read more

Petya Ransomware: The Basics

A little over two months on since WannaCry set the internet on fire, a new release of ransomware is spreading around the world, as experts unfortunately warned might happen.

Read more

Critical Joomla 3.7 SQL Injection Vulnerability Patched

On the 17th of May 2017, the Joomla team issued a patch for a high severity security flaw that could allow a remote unauthenticated attacker to execute arbitrary SQL queries on the target system. A malicious attacker could exploit this flaw to read, create, modify and delete data stored within the database. It is also possible to gain administrator control of the Joomla CMS and execute PHP code on the affected server by exploiting this flaw.

Read more

WanaCrypt0r – Ransom Attack

With the global spread of this particular malware on Friday and the media coverage it has received, it is understandable that many customers are wanting to know more about this threat and what they can do to protect against it.

Read more

New Apache Struts Zero Day Vulnerability Discovered

On the 6th March 2017 information security researchers have discovered a Zero-Day vulnerability in Apache Struts web application framework, which is being actively exploited in the wild and is under active attack. Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for creating elegant, modern Java web applications, which supports REST, AJAX, and JSON.

Read more

Detecting and Exploiting the PHPMailer RCE

On the 25th of December 2016, a security researcher disclosed a critical security flaw within a popular PHP library used to send emails. The PHPMailer library is used by more than 9 million websites worldwide and is bundled with popular open source PHP content management systems such as WordPress. At worst the flaw could be exploited to execute arbitrary PHP code on the affected system. This would allow the remote attacker to take complete control of the application and launch further attacks against the system and internal network. PHPMailer versions below 5.2.20 are affected along with a number of other libraries that include the vulnerable code; such as SwiftMail and the Zend Framework.

Read more

High Severity Joomla Vulnerability Patched

On the 25th of October 2016, the Joomla team issued a patch for a high severity security flaw that could allow a remote unauthenticated attacker to create administrative accounts on the target system. AppCheck was updated on the same day to detect and safely exploit the vulnerability.

Read more

Hunting HTML 5 PostMessage Vulnerabilities

AppCheck partnered with Sec-1 Ltd to undertake a research project investigating the security challenges posed by next generation web applications. The project included an investigation of Cross-Origin communication mechanisms provided via HTML5 including postMessage and CORS.

One of the key findings from the research shows that vulnerabilities introduced through an insecure postMessage implementation are frequently missed by security scanners and consultants performing manual review.

Read more

WordPress 4.5.1 Cross-Site Scripting (CVE-2016-4566)

WordPress versions 4.5.1 and earlier are affected by a XSS vulnerability through Plupload,the third-party library WordPress uses for uploading files. WordPress versions 4.2 through 4.5.1 are vulnerable to reflected XSS using specially crafted URIs through MediaElement.js, the third-party library used for media players. MediaElement.js and Plupload have also released updates fixing these issues.

Read more

Critical Security Flaw in ImageMagick (imagetragick)

A vulnerability with a widely deployed image processing library was disclosed on the 5th of May 2016. Within an hour of the disclosure AppCheck NG was updated to detect the flaw.

A Practical View of the Most Common Threats Facing Web Apps Today
The Web Application Security seminar is a free event that presents a detailed analysis of the most common threats facing web applications today. We will review high profile examples and provide a technical breakdown of critical security flaws along with an introduction into emerging technologies such as HTML5.
Each candidate will receive a copy of the slides and exclusive tools and exploit code used in the live hacking demonstrations.

Read more

Remote Code Execution Flaw in Apache Struts 2.3.20-2.3.28

A vulnerability in Apache Struts 2.3.20-2.3.28* could allow an unauthenticated, remote attacker to execute arbitrary code on a target server.

Read more