News – David Sopas – Web Security Researcher

Checkmarx Security Research Team latest work

My team has been working hard and we release more juicy stuff: – Common Security Mistakes when Developing Swift Applications – Part I – Meet NFCdrip – a New Security Concern for Air-Gapped Systems – What’s in Your Website? Lurking Risk from Third-party Resources – How Secure Are the Browser Extensions You Create? Pedro Umbelino… Continue reading Checkmarx Security Research Team latest work

Checkmarx Security Research Team latest work

Some of our work was published and I would like to share it here: ReDoS in Go Decrypting JobCrypter More coming soon in a web near you 🙂

Reflected File Download webinar

On 13th March I did a webinar for Checkmarx showing in around 30 minutes what is and how you can exploit the web vector Reflected File Download. You can still watch the recorded version at RFD: Still Threatening the Biggest Names on the Web. Had a lot of fun doing it because it was my… Continue reading Reflected File Download webinar

Checkmarx Security Research Team latest work

The team who loves hacking and learning new things have published more stuff: Tinder’s Lack of Encryption Lets Strangers Spy on Your Swipes JavaScript Secure Coding Practices guide The Top 5 Exfiltration Attacks on WebViews JavaScript Attacks in WebViews Android WebView: Secure Coding Practices Is Your Child’s Data Safe From The Man In The Middle?

Category: News

Checkmarx Security Research Team latest work

Checkmarx Security Research Team latest work

Reflected File Download webinar

Checkmarx Security Research Team latest work

Checkmarx Security Research Team latest work

Details on the Cross-Site Request Forgery Vulnerability Disclosed at Black Hat

Exploits start against flaw