Nov 26, 2019 | By Detectify
Stockholm, Sweden. November 26, 2019 – Detectify today announces a successful Series B round of €21,5 million led by venture capital firm Balderton Capital and supported by existing investors Paua Ventures, Inventure and Insight Partners. The new funding will be used to continue to hire world-class talent to further accelerate the company’s growth and deliver on Detectify’s promise of a safer internet for all.
Oct 31, 2019 | By Detectify
tl;dr – CVE-2019-11043 PHP-FPM & NGINX RCE was publicly disclosed and Proof-of-Concept exploit code was made available on GitHub. We received the report from our Crowdsource community, and now the CVE-2019-11043 Nginx/PHP-FPM RCE vulnerability is detected by Detectify. Nginx is a common web server used to run web applications. PHP-FPM (FastCGI Process Manager) is a processor for PHP scripts that is efficient at handling heavy website traffic and is commonly used by websites that have e.g.
Oct 24, 2019 | By Detectify
October is Cyber Security Awareness month, and a good time for organizations and anyone who uses the Internet (yes that means everyone) to review security best practices, for a safer user experience. Based on the current state of the Internet, here are our best tips for a better online browsing experience, for website guardians and end users.
Oct 4, 2019 | By Detectify
Detectify now has a built-in detection for vBulletin RCE CVE-2019-16759, thanks to a report from our Crowdsource community. Last week, a proof-of-concept exploit for a Remote Code Execution (RCE) vulnerability in vBulletin forum software, CVE-2019-16759, was disclosed publicly. The vulnerability was being actively exploited in the wild by malicious attackers.
May 28, 2019 | By Detectify
This Meet the Hacker episode features Detectify Crowdsource hacker, Linus Särud aka @_zulln. He is a security researcher at Detectify and he specializes in finding web application vulnerabilities. Linus started hacking when he was in his early teens and found a bug in Google Translate.
Apr 11, 2019 | By Detectify
Detectify is a scalable web app security scanner that automates 1000+ security tests to help you release secure applications. With Detectify, you can test your code with real exploits to identify and fix vulnerabilities in both staging and production environments. The service is continually updated with new security tests thanks to Detectify Crowdsource, a global network of handpicked security researchers.
Mar 21, 2019 | By Detectify
Object-Graph Navigation Language (OGNL) is an expression language for handling Java objects. When an OGNL expression injection vulnerability is present, it is possible for the attacker to inject OGNL expressions. Many critical Apache Struts CVEs are the result of OGNL expression injection. Watch our short attack demo video where we explain Apache Struts OGNL expression injection and how it works.