AppCheck Security Blog

FEATURED POST

**CRITICAL RISK** CVE-2023-21762 Fortinet FortiProxy and FortiOS – Unauthorised Remote Code Execution (RCE) via Out-of-Bounds Write (Memory Corruption) Vulnerability

This article covers recent vulnerabilities found to be actively exploited. They are categorised not only by type of exploitation but also by impact and affected versions. The article also covers any official fix and remediation guidance for the listed vulnerabilities.
In this blog post we look at the issues surrounding secure password storage and how the use of salts in particular can help protect passwords in the event of a hack or data breach. We look at why salts are needed, how they work, and the best practice guidance for implementation.
“Patch Tuesday” is an unofficial term for the second Tuesday of each month, when Microsoft, Adobe, Oracle and others regularly release patches for their software products. Critical security updates are occasionally released outside the normal Patch Tuesday cycle; these are known as “out-of-band” releases. Security updates for May 14th 2024: critical bypass of ‘smartscreen’ protection mechanism among 149 vulnerabilities this month.
In this blog post, we delve into the complexities surrounding one such data integrity technique: HTTP message signing. We explore the different specifications currently in use, dissecting their mechanisms and operations. Additionally, we examine the challenges the techniques may present when scanning web applications and discuss how AppCheck has solved these problems to integrate message signing support into our vulnerability scanner.
Our latest product update enhances authentication in the AppCheck scanner, adding extended support for Digest and NTLM authentication. As always, if you require any more information on this topic or want to see what unexpected vulnerabilities AppCheck can pick up in your website and applications, please contact us: info@localhost.
