AppCheck Security Blog

FEATURED POST

AppCheck & The GDPR

read more
Filter by:
View all
Case Studies
Events
General
News
Product
Research
Security Alerts
Appcheck - icons

The current state of CSRF and should I still worry about it?

CSRF stands for “Cross Site Request Forgery” and is a term that is used to describe a situation in which an attacker tricks a computer user into submitting a web request that they are unaware of performing, that is performed under their identity, and which is typically against their interests. An example might be an instruction to their online bank to transfer money out of their account and into the attacker’s account. Since the action is performed from the victim’s computer, it is indistinguishable from a legitimate and intentional request made by the victim. This obviously sounds fairly alarming! Let’s dig deeper into the mechanisms that make this possible.
Read More
Appcheck - icons

Webinar: Authentication: Bypassed!

A brand new webinar in which we hope to build up an understanding of authentication vulnerabilities, working from the most basic to more intricate scenarios, sparing no detail whilst remaining accessible to non-technical audiences. Straight from the stage of the Digital Transformation Expo, this will be the debut of this webinar content.
Read More
Appcheck - icons

WordPress + Microsoft Office 365 / Azure AD | LOGIN Persistent Cross-Site Scripting (CVE-2021-43409)

The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS).
Read More
Appcheck - icons

AppCheck Web Application Seminar November 2021 – LONDON

The Web Application Security seminar is a free event that presents a detailed analysis of the most common threats facing web applications today. We will review high profile examples and provide a technical breakdown of critical security flaws along with an introduction into emerging technologies.
Read More
Appcheck - icons

Secarma Automated Testing Podcast – Nick Blundell

In this episode, Nick Blundell – Head of R&D at AppCheck speaks with Holly Grace Williams from Secarma about the pros and cons of vulnerability scanning, how hackers can enter weak systems and the need for a blended approach.
Read More
Appcheck - icons

Apache 2.4.50 (CVE-2021-42013) & 2.4.49 (CVE-2021-41773) Remote Code Execution / Path Traversal Vulnerability

A previous version of this article recommended updating to 2.4.50 to address the vulnerability in 2.4.49, however the fix in 2.4.50 has been now been shown to be incomplete therefore it is recommended to update to 2.4.51.
Read More
Services
Company
Resources
Keep in touch

AppCheck Ltd. is a company registered in England and Wales with company number 06888174

Get in touch

Start your free trial

Simply complete the form and we’ll send you all you need to activate AppCheck and undertake your FREE scan.
Your details
IP Addresses
URLs