News / Posted November 04, 2021
We have taken on lots of new starters at AppCheck across all departments as we continue to enjoy a period of expansion. We sit down with Dylan Marriott, our Application Support Engineer, and ask him how his first few months with AppCheck have gone.
News / Posted November 03, 2021
We are delighted to announce that we have become the latest vendor to be authorized by the Common Vulnerabilities and Exposures (CVE) Program as a CVE Numbering Authority (CNA).
News / Posted October 29, 2021
This year, we have prepared some cyber security quizzes to protect you from the evil that lurks.
One quiz is filled with nasty questions which will rack your brain, the other filled with treats to delight you. The question is... which is which?
Research / Posted October 27, 2021
“BYOD” and the “Internet of Things” are two growing areas of security concern for organisations, linked conceptually by the commoditisation of information processing hardware.
Security Alerts / Posted October 25, 2021
The AppCheck Research team identified a security flaw within the “Duplicate Post” WordPress plugin. The plugin has been downloaded 155,421 times at the time of writing. This blog post details the finding along with remediation advice.
Research / Posted October 19, 2021
CSRF stands for “Cross Site Request Forgery” and is a term that is used to describe a situation in which an attacker tricks a computer user into submitting a web request that they are unaware of performing, that is performed under their identity, and which is typically against their interests. An example might be an instruction to their online bank to transfer money out of their account and into the attacker’s account. Since the action is performed from the victim’s computer, it is indistinguishable from a legitimate and intentional request made by the victim. This obviously sounds fairly alarming! Let’s dig deeper into the mechanisms that make this possible.
Events / Posted October 15, 2021
A brand new webinar in which we hope to build up an understanding of authentication vulnerabilities, working from the most basic to more intricate scenarios, sparing no detail whilst remaining accessible to non-technical audiences. Straight from the stage of the Digital Transformation Expo, this will be the debut of this webinar content.
Research Security Alerts / Posted October 15, 2021
The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS).
Events News / Posted October 14, 2021
The Web Application Security seminar is a free event that presents a detailed analysis of the most common threats facing web applications today. We will review high profile examples and provide a technical breakdown of critical security flaws along with an introduction to emerging technologies.
Research / Posted October 13, 2021
In this episode, Nick Blundell, Head of R&D at AppCheck, speaks with Holly Grace Williams from Secarma about the pros and cons of vulnerability scanning, how hackers can enter weak systems and the need for a blended approach.