Successful mitigation of today’s security threats requires an approach that is both on the offensive and on the defensive. Here, we give our take on how to approach and handle specific security challenges, as well as our reaction to some of the latest industry topics.
How DirectDefense accessed sensitive financial and personal data through injection vulnerabilities The best defense against injection attacks is to secure legacy applications by leveraging an app security assessment. Got a legacy app? Then listen up: Legacy applications can be particularly susceptible to injection attacks and organizations should take immediate action to remediate this vulnerability before… Read more »
Can These Languages Eliminate Memory-Handling Vulnerabilities for Programmers? Much has been made recently of the memory safety provided by programming languages like Rust and Go. These languages have been designed to eliminate some of the language weaknesses that make it so easy for C and C++ programmers to write vulnerable software. These memory-safe languages are… Read more »
Apex Labs Dissects a 4-Part Study on Privacy and Security Issues in Electronics Repair Is there data snooping by electronics technicians when we bring our devices in for repair? The researchers in this paper claim to have conducted the first-ever comprehensive study to understand the state of privacy in the electronics repair services industry. While… Read more »
04.29.21How a recent DirectDefense application security assessment revealed a common vulnerability. A large financial corporation recently called on us to perform a comprehensive security assessment of their client-facing application. Among other findings, the engagement revealed just how easy it would be for someone with ill-intent to exploit the application via access controls that were not… Read more »
