AppCheck Security Blog
Featured post
Secarma Automated Testing Podcast - Nick Blundell
/ Posted October 13, 2021
In this episode, Nick Blundell – Head of R&D at AppCheck speaks with Holly Grace Williams from Secarma about the pros and cons of vulnerability scanning, how hackers can enter weak systems and the need for a blended approach.
read moreFilter by:
Secarma Automated Testing Podcast - Nick Blundell
Research / Posted October 13, 2021
In this episode, Nick Blundell – Head of R&D at AppCheck speaks with Holly Grace Williams from Secarma about the pros and cons of vulnerability scanning, how hackers can enter weak systems and the need for a blended approach.
Read moreApache 2.4.50 (CVE-2021-42013) & 2.4.49 (CVE-2021-41773) Remote Code Execution / Path Traversal Vulnerability
Security Alerts / Posted October 06, 2021
A previous version of this article recommended updating to 2.4.50 to address the vulnerability in 2.4.49, however the fix in 2.4.50 has been now been shown to be incomplete therefore it is recommended to update to 2.4.51.
Read moreReflecting on AppCheck: Taylor-Mae Nash
News / Posted October 05, 2021
We have taken on lots of new starters at AppCheck across all departments as we continue to enjoy a period of expansion. We sit down with Taylor-Mae, our Client Services Executive, and ask her how her first few months with AppCheck have gone.
Read moreOWASP Top 10 2021 Web Application Security Risks
Product / Posted September 24, 2021
Every few years the OWASP community come together to review the ten most critical web application security risks (commonly known simply as the “OWASP Top 10”) by analysing vulnerability data spanning hundreds of organisations and over 100,000 real world applications. This process was most recently performed in 2021 and a new, updated top 10 list published.
Read moreSecurity Advisory: Persistent XSS via Avatar Upload in Kentico CMS (CVE-2021-43991)
Security Alerts / Posted September 17, 2021
The Kentico CMS (13.0.4001.0 Xperience platform version tested locally) is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS).
Read moreReflecting on AppCheck: Chris McGreavy
News / Posted September 10, 2021
We spoke to Chris McGreavy, our Service Delivery Lead about his first few months here at AppCheck
Read moreAppCheck & the OWASP Penetration Testing Checklist
Research / Posted September 03, 2021
The OWASP Penetration Testing Checklist is aimed at delivering a baseline standard against which potential vendor solutions can be assessed to ensure that a prospective web application security testing provider delivers a service that is sufficient
Read moreUmbraco Forms File Upload Vulnerability: Technical Analysis (CVE-2021-37334)
Research Security Alerts / Posted August 25, 2021
On the 15th of July 2021 Umbraco and AppCheck released a Security Advisory to alert users of a vulnerability within the Umbraco Forms component that could be exploited to gain remote code execution on the affected system.
Read moreAppCheck & The OWASP Top 10 Privacy Risks
Research / Posted August 24, 2021
The OWASP Top 10 Privacy Risks list is an attempt to curate a completely neutral set of prioritised privacy risks for businesses to consider, as well as a recommended set of countermeasures for businesses to deploy against the occurrence of those risks.
Read moreFeatures Review: GoScript and Card Skimmers
Product / Posted August 17, 2021
AppCheck has many features and is constantly being updated. Here we look at just two, authenticated scanning and card-skimming.
Read more