Hot Topics

USENIX Security '22 - Hongbin Liu, Jinyuan Jia, Neil Zhenqiang Gong - ‘PoisonedEncoder: Poisoning The Unlabeled Pre-Training Data In Contrastive Learning’
Privacy Compliance In 2023
Born In A Pandemic - Our Story | Blog by anecdotes
Continuity Joins Dell Technologies ETC Program to Help Protect Customers’ Storage and Data Protection Systems
Challenges With AI: Artistry, Copyrights and Fake News

Data Extraction to Command Execution CSV Injection

[email protected] (jrougvie) | September 6, 2019

As web applications get more complex and more data driven, the ability to extract data from a web application is becoming more common. I work as a principal penetration tester on Veracode’s MPT team, and the majority of web applications that we test nowadays have the ability to extract data ... Read More

RSS | Veracode Blog

The Top Five Web Application Authentication Vulnerabilities We Find

[email protected] (jrougvie) | July 26, 2019

One of the most important parts of a web application is the authentication mechanism, which secures the site and also creates boundaries for each user account. However, during my years of testing web applications, it’s still very common to find authentication mechanisms with vulnerabilities. I currently work as a principal ... Read More

RSS | Veracode Blog