Hacking

Bypassing and exploiting Bucket Upload Policies and Signed URLs

Aug 2, 2018 By Frans Rosén In Detectify

TL;DR Bucket upload policies are a convenient way to upload data to a bucket directly from the client. Going through the rules in upload policies and the logic related to some file-access scenarios we show how full bucket object listings were exposed with the ability to also modify or delete existing files in the bucket.

Read Post

Detectify

Read more about Bypassing and exploiting Bucket Upload Policies and Signed URLs

When Your Security Provider Gets Hacked

Aug 1, 2018 By UpGuard

Selecting a security provider is no easy feat-it includes months of designing a company's security strategy, evaluating different solutions, budgeting accordingly, and assuring stakeholders the investment will pay off by keeping their business safe.

Get White Paper

UpGuard

Read more about When Your Security Provider Gets Hacked

Detectify | Meet the Hacker - Fredrik Nordberg Almroth

Jul 16, 2018 By Detectify In Detectify

Our second Meet The Hacker episode features none other than Fredrik Almroth, one of our founding security researchers and Head of Engineering! Some of you may know him as @almroot! At the office Fredrik is heading up our team to keep all Detectify’s users secure and our tool awesome.

View Video

Detectify

Read more about Detectify | Meet the Hacker - Fredrik Nordberg Almroth

What happened when we hacked an expo?

Jul 6, 2018 By Tom Wyatt In Bulletproof

Last year we exhibited at a major information security trade show in London, during the preparation for this we received our exhibitor passes as “print yourself” PDF files. We immediately noticed that there are two forms of barcode here and, interestingly, the QR Code seems quite dense given that all it should be storing is a delegate ID number. Being the inquisitive sort of people that we are, we started up a QR scanner and had a look at its contents.

Read Post

Bulletproof

Read more about What happened when we hacked an expo?

Detectify Crowdsource | Meet the Hacker-Gerben Janssen van Doorn

Jun 14, 2018 By Detectify In Detectify

Are you interested in ethical hacking but aren’t sure where to start? A formal degree is definitely not required. We sat down with one of our top-ranked Detectify Crowdsource hackers, Gerben Janssen van Doorn, and asked him about his white-hat journey so far. In this video he shares why XSS is key for getting started and its role in keeping your web security secure.

View Video

Detectify

Read more about Detectify Crowdsource | Meet the Hacker-Gerben Janssen van Doorn

How hackers approach Magento sites | Video by Detectify

Jun 12, 2018 By Detectify In Detectify

Have you ever wondered how a hacker would analyze and attack a Magento website? We picked the brains of two ethical hackers to find out. Detectify’s security experts Linus Särud and Fredrik Almroth share their insights and tips to help you keep your Magento store safe from hackers.

View Video