ADVISORY SUMMARY Four vulnerabilities were discovered in the OpenClinic application, the most severe of which allowed an unauthenticated attacker... continue reading
Nov 23, 2020 6:00:00 AM |
By Britt Kemp, Jake Miller,
Around this time last year, we released a list of our favorite pen testing tools for client engagements and in our own research. This year, we’re... continue reading
Attackers don’t all approach a target in the same way. Often, they’ll target the lowest-hanging fruit or the easiest way to get through your... continue reading
Our third and final installment in a series about cheating at video games. If you haven’t already read Part 1 and Part 2, go ahead and do that... continue reading
Nov 4, 2020 6:00:00 AM |
By Chris Davis, Nazariy Haliley, Ruihai Fang
ADVISORY SUMMARY Two cross-site scripting (XSS) vulnerabilities were discovered in the Immuta application. One instance was stored XSS that could... continue reading
Oct 27, 2020 5:00:00 AM |
By Chris Davis, Justin Paglierani
ADVISORY SUMMARY The Winston Privacy device was affected by critical and high-risk issues, including a severe command injection vulnerability. The... continue reading
In this article, we are going to discuss a variety of security risks to GraphQL deployments and migrations that we’ve seen during our client... continue reading
Whether you are migrating an on-premise deployment to a cloud provider tasked with deploying a new cloud-hosted application, or looking to improve... continue reading
The revival of HTTP request smuggling has led to devastating vulnerabilities in our modern application deployments. An HTTP request smuggled past... continue reading
DARK Reading
HELPNET Security
Forbes