XSS Case Study

Written by Gergő Turcsányi, April 18, 2019

You’ve probably heard about the recent Cross-Site Scripting vulnerability in the Google search engine. With a clever payload, you could have crafted a link which executes JavaScript after opening it and...

Wild card to win USPS customer data

Written by Richárd Raciborski, January 22, 2019

The US Postal Service launched their Informed Visibility program last year to provide better insight into their mailstream service. For example, one can obtain near real-time...

The three fatal bugs behind the Facebook breach

Written by Ákos Hajba, October 29, 2018

The breach was discovered after Facebook saw an unusual spike of user activity that began on September 14, 2018. A few days later, on Tuesday, September 25, Facebook’s...

Report a vulnerability in a responsible way!

Written by Judit Szőcs, August 21, 2018

If you have found a vulnerability and you want to act responsibly, discretion is most important. Always remember you have information that can be exploited by black-hats...

Broken Access Control

Written by Márton Németh

In this article we cover examples of broken access control, how to find it in your application and possible consequences. Access control, or authorization, is how a web application grants access to resources to...