AppCheck Security Blog
Featured post
8 Tips to Improve IT Security for SMEs
/ Posted August 08, 2019
When we think of cyber-attacks our minds often flash to larger corporations and massive data leaks for millions of customers, but these are just the ones we see reported in the news. In fact the Verizon 2019 Data Breach Report found that 43% of breaches involved small business victims.
Cyber-attacks are on the rise and for most SMEs trying to get your head around them and protect your business can be a daunting and difficult task. We have complied a list of 8 steps to help prevent breaches including practical advice on what to do should a breach occur.
read moreFilter by:
8 Tips to Improve IT Security for SMEs
News / Posted August 08, 2019
When we think of cyber-attacks our minds often flash to larger corporations and massive data leaks for millions of customers, but these are just the ones we see reported in the news. In fact the Verizon 2019 Data Breach Report found that 43% of breaches involved small business victims.
Cyber-attacks are on the rise and for most SMEs trying to get your head around them and protect your business can be a daunting and difficult task. We have complied a list of 8 steps to help prevent breaches including practical advice on what to do should a breach occur.
Read moreAppCheck at the IP Expo 2019
Events / Posted August 02, 2019
We are attending this year’s Digital Transformation Expo down at ExCel London 9-10th October and hope to see you there. Not only do we have a stand located in the heart of the IT Security arena, where we’ll be talking all things web application security, our Head of Research & Development will also be delivering a key talk in the Cyber Hack theatre where he’ll be covering one of the most intriguing topics surrounding web application vulnerabilities.
Read moreADDITIONAL DATES - Web Application Security Seminar - September 2019
Events / Posted July 16, 2019
Web Application Security Seminar
Chelsea Football Stadium, London - Friday 6th September 2019 - 10:00am- 4:00pm
A Practical View of the Most Common Threats Facing Web Apps Today
The Web Application Security seminar is a free event that presents a detailed analysis of the most common threats facing web applications today. We will review high profile examples and provide a technical breakdown of critical security flaws along with an introduction into emerging technologies such as HTML5.
Each candidate will receive a copy of the slides and exclusive tools and exploit code used in the live hacking demonstrations.
British Airways fined £183m following recent cyber attack
News / Posted July 08, 2019
Since the introduction of GDPR regulations in May 2018 the possible consequences of hacks have increased with data breaches now potentially leading to large fines.
At the back end of last year British Airways became a target of a cyber attack which compromised the financial data of it’s customers.
For a period of around 2 weeks hackers exploited the British Airlines website undetected, being able to access personal and financial details of customers, believed to be around 400,000. Being able to access names, addresses, credit card numbers, expiry dates and even three-digit CVV codes on the back of the cards gave the hackers everything they needed to make fraudulent payments.
Amazon S3 Buckets Expose Data of Major Companies
News / Posted July 01, 2019
Three AWS S3 Buckets, owned by data management company Attunity, have exposed customer data of some major global companies. This data was found on publicly accessibly Amazon S3 Buckets which were not password protected and includes email correspondence, system passwords, sales and marketing contact information, project specifications and employee personal data. The total size of the leak is still unclear.
Read moreAppCheck vs OWASP Top 10
Product / Posted June 26, 2019
Every few years the OWASP community come together to review the ten most critical web application security risks by analysing vulnerability data spanning hundreds of organisations and over 100,000 real world applications.
These vulnerabilities are assessed using a number of factors such as detectability, exploitability and potential impact to create the final list.
So let’s take a look at what’s included and why AppCheck incorporates these vulnerabilities into it’s standard scan templates, reporting, dashboards and more…
New feature announcement: Subdomain takeover audit
Product Research Security Alerts / Posted June 18, 2019
AppCheck has released a new detection module available to all customers to scan for subdomain takeover vulnerabilities.
Read moreWeb Application Security Seminar - July 2019
Events / Posted May 16, 2019
Web Application Security Seminar
Chelsea Football Stadium, London – Friday 26th July 2019 - 9.30am- 4:30pm
A Practical View of the Most Common Threats Facing Web Apps Today
The Web Application Security seminar is a free event that presents a detailed analysis of the most common threats facing web applications today. We will review high profile examples and provide a technical breakdown of critical security flaws along with an introduction into emerging technologies such as HTML5.
Each candidate will receive a copy of the slides and exclusive tools and exploit code used in the live hacking demonstrations.
Is Your Development Life Cycle Truly Secure?
News / Posted May 11, 2019
As app development becomes more complex and incorporates more features than ever, it is critical to make sure security testing is embedded in your security development life cycle. The appetite for faster release cycles has never been greater, but even if your organisation is rushing to production, code needs to be secure before it is deployed.
Read moreSAP Hybris Commerce CVE-2018-2505 Vulnerability Discovered
News Research Security Alerts / Posted March 18, 2019
The AppCheck research team identified a security flaw (CVE-2018-2505) within SAP Hybris affecting many large online retailers. The security flaw was due to an insecure JavaScript library that allows malicious JavaScript to be injected into a user’s session with the affected Hybris application.
Read more