News
4 June 2019
Security Practices in Web Application Development - OWASP TOP 10
Is there 100% error free software? Is there 100% secure software? The answer to both questions is NO, but don't panic.
24 May 2019
Intigriti XSS challenge write-up
Intigriti published a DOM XSS Challenge available at Intigriti’s bug bounty platform. The assignment was to exploit a DOM XSS vulnerability on this page and to trigger a pop up of the document.domain (challenge.intigriti.io).
17 April 2019
How to Secure Your Blockchain Project with a Smart Contract Audit
There’s no official testing standard for Smart Contracts. But that doesn’t mean you should leave your code untested. Here’s how we approach audits that go beyond checklists.
14 November 2018
Cloudflare, how to do it right and don't reveal your real IP
The goal of this blogpost is to show what needs to be done to have a secure working setup, explain why all of the countermeasures are really necessary by demonstrating the attacks that they are mitigating, to not reveal your origin IP address.
20 February 2018
MS13-105: Oracle Outside In MDB Parsing Vulnerability – CVE-2013-5791
People sometimes ask how to know what exact vulnerability was patched in particular piece of closed source software. In this blog, we would like to describe one such example from the Microsoft security bulletin.
28 January 2018
Essentials for ICS/SCADA defence
In Summer 2016, as we cranked up our efforts to get deep into the Industry Security landscape, we had the pleasure to host Christine Kinch as our intern and researcher.