August 20, 2018
July 24, 2018
Today marks an important event in the security of the web – starting with today’s release of Chrome v68, the most popular browser in use today is warning users when they access a website over an insecure connection. While this is a small change to the user interface, it makes the dangers of insecure connections clear to users, even in cases where the website doesn’t collect information.
July 23, 2018
Cross-Site Request Forgery (CSRF) is a security issue which can allow legitimate users to be tricked into performing actions in your web application on behalf of a malicious attacker. A successful phishing attack or similar scheme could be leveraged to exploit a CSRF vulnerability. It’s a serious issue which can be difficult to detect without manual penetration testing.