As soon as WordPress launches a new version, it publishes a changelog on its website where you can find what has been changed, including all security vulnerabilities that have been patched. Disabling the WordPress auto-update feature can open up your website to attackers who first check the changelog and then look for sites that haven’t been updated.
Security Awards is a yearly event arranged by the Swedish publication Skydd och Säkerhet. Detectify’s backend developer Jonatan was one of the finalists for Security Awards’ Security Student of 2016, so we caught up with him right after the event to ask him about the Swedish education system and his personal security role models.
Johan Norrman is a proper IT veteran. He has always found companies in the early stages of development exciting, so it’s hardly surprising that he ended up working at a startup. His passion for creating order from chaos, combined with the capacity to be a good leader and build strong teams, makes Johan the perfect fit for the role of CIO at Detectify.
A phishing email that supposedly comes from Telia, a mobile network operator, has recently been doing the rounds in Sweden. The recipients were asked to click on a link in the email to access their monthly mobile bill. There is a lot of money to be gained from phishing attempts, which is why the number of suspicious emails in circulation keeps growing and the attacks range from mass send-outs to sophisticated CEO fraud. In this blog post, we explain how to identify phishing attempts in your inbox and stay safe.
Ever wished there was an easy way to see if your site is vulnerable to any of the vulnerability categories on the OWASP Top 10 list? The latest addition to the Detectify tool allows you to do just that! Our new OWASP view provides a quick and easy way to check whether your site passes or fails OWASP Top 10 tests.
Few people know Detectify’s website as well as our web developer Martina Janevska. Originally from Macedonia, Martina moved to Sweden to do a master’s in software engineering and joined Detectify’s web development team in the spring of 2015. We talked to her about her work, how she maintains a security-oriented mindset, and what it takes to be a successful developer.
Support staff are low in hierarchy and salary, while typically having very high privilege in the systems that they’re maintaining, which renders them an excellent attack vector for hackers. Emma Lilliestam explains service desk security issues that occur when it comes to procedures, passwords, privilege, and insider threat.
Ottoboni is a Swedish web agency with an impressive list of customers including some of the country’s largest companies and government authorities. The agency runs Detectify security tests on the websites of some of their most security-aware customers. Pär Stålberg, Senior Digital Production Manager, believes that security will become a natural part of customer dialogues.