We’ve got some cool events coming up and we’re looking forward to discussing security at tech conferences, meetups and webinars. Check out this blog post for a complete list of events we’ll be attending this summer and autumn. If you’d like to schedule a meeting with us in advance or get hold of us at any of the events, just drop us a line at hello[at]detectify.com or reach out to us on Twitter. We can’t wait to meet you!
Fourth one on the list is Insecure Direct Object Reference, also called IDOR. It refers to when a reference to an internal implementation object, such as a file or database key, is exposed to users without any other access control. In such cases, the attacker can manipulate those references to get access to unauthorized data.
Secure Sockets Layer (SSL) is a cryptographic protocol designed to provide communications security over a computer network. SSL makes the communication safe between two points, and ensures that “no one” is sitting in-between, eavesdropping on the conversation. You can usually tell that a site is encrypted if the URL starts with https:// instead of
Are you running WordPress 4.2.0 to 4.5.1? Time to upgrade to 4.5.2!
It was recently discovered that WordPress versions 4.2.0 to 4.5.1 are vulnerable to a reflected XSS vulnerability in a specific WordPress SWF file: flashmediaelement.swf. The vulnerability could lead to leaked WordPress credentials, or be used as a stepping stone to more severe attacks.