How attackers exploit the WordPress Easy-WP-SMTP zero-day
On November 6th, 2019, Detectify added security tests for 50+ of the most popular WordPress plugins, including Easy-WP-SMTP. Although the zero-day affecting Easy-WP-SMTP (CVE-2020-35234) was…
Category: Mix
My Mom Died on Saturday
Created/Updated: September 21, 2022 My mom died on Saturday. My biological mother became unable to function when I was around five due to mental illness,…
CWE (Common Weakness Enumeration) and the CWE Top 25 Explained
Common Weakness Enumeration (CWE) is a system to categorize software and hardware security flaws—implementation defects that can lead to vulnerabilities. It is a community project…
Using Custom Searches in Safari (in 2022)
Created/Updated: September 25, 2022 I’ve just started using Safari again after being on Chrome for a while, and one of the things I miss most…
Top 5 Takeaways from the 2021 Hacker-Powered Security Report: Industry Insights
For the fifth year in a row, HackerOne published a report that provides insights from the world’s largest database of vulnerabilities and bug bounty customer…
Top 10 Most Critical CVEs Added in 2020
Our global community of hand-picked Detectify Crowdsource ethical hackers are the reason we are able to automate security research so quickly to protect web applications…
5 Things I’m Still Waiting for With the iPhone, Apple Watch, and AirPods
Created/Updated: September 25, 2022 I just camped for the new lineup of Apple products, as I have every year since 2007, and I am pretty…
Log4Shell: Attack Evolution | HackerOne
For many security teams, the holiday season was spoiled by the challenging remediation of Log4Shell. The affected Log4j software is ubiquitous in web applications, making…
Stadia is Google’s Product Strategy
Google refuses to invest in solid product strategy and UI/UX, and the results are becoming predictable Created/Updated: October 2, 2022 Few things in tech were…
New: Burp Suite Enterprise Edition Pay as you scan pricing | Blog
Matt Atkinson | 25 April 2023 at 14:06 UTC More than 1,000 organizations are using Burp Suite Enterprise Edition to scale their web vulnerability scanning…
The HackerOne Global Top 10—Hacker Expertise, Industry Data, and Up-to-Date Vulnerabilities
Many security teams use the OWASP Top 10 as a guideline to understand where they should focus their security strategies and cyberattack prevention efforts. The…
Detectify ethical hacker kept the country code domain .cd safe from potential attacks
NEW RESEARCH – On December 30, Fredrik Nordberg Almroth, security researcher and co-founder of Detectify – the Sweden-born cybersecurity company that offers a web vulnerability…