AppCheck Security Blog

FEATURED POST

Known Actively Exploited Vulnerabilities Round-up (19.04.24-25.04.24)

Appcheck - icons
In this blog post we look at why an “assume breach” mentality has gained ground, what it involves, and some of the more common best practice guidance around how to react should the worst occur.
Appcheck - icons
“Patch Tuesday” is an unofficial term used to refer to the second Tuesday of each month, when Microsoft, Adobe, Oracle, Google and other vendors regularly release software patches for their software products. Critical security updates are occasionally released outside of the normal Patch Tuesday cycle, but these are known as “Out-of-band” releases. Security updates for July 9th 2024 include a critical URI Spoofing vulnerability in Microsoft Windows among a total of 139 vulnerabilities this month.
Appcheck - icons
This article covers recent vulnerabilities found to be actively exploited. They are categorised based not only on the category of exploitation, but their impact, and versions affected. This article also informs on any official fix and remediation guidance for the listed vulnerabilities.
Appcheck - icons
In this blog post we look at whether the current ubiquity of SSL/TLS has led to any drawbacks relating to either its specification or applied usage, how seriously each of these issues impacts TLS’ overall usefulness, and whether these warrant concern or necessitate action or changes in practice by either end users or website operators.
Appcheck - icons
A critical vulnerability – CVE-2024-6387 – has been discovered in OpenSSH, a widely used suite of secure networking utilities. This flaw, stemming from a signal handler race condition, poses critical risks including potential unauthorised remote code execution (RCE). Affected versions include 8.5p1 up to, but not including, 9.8p1, impacting numerous major Linux distributions such as Red Hat, Debian, and Ubuntu. 
Appcheck - icons
Our latest product update includes a major enhancement to the GoScript editor that will transform how you create and manage your login scripts. As always, if you require any more information on this topic or want to see what unexpected vulnerabilities AppCheck can pick up in your website and applications then please contact us: info@localhost.

Get in touch

Start your free trial

Your details
IP Addresses
URLs