Month: December 2019

3 Results / Page 1 of 1

Background

todayDecember 18, 2019

  • 3327
  • 2
close

Vulnerability Disclosure Infosec Team

Global Payments Vulnerability

CVE-2019-20455 On 2019-03-28, Global Payments issued a commit to their SDK that introduced a vulnerability allowing man-in-the-middle attacks due to SSL integrity checking being explicitly disabled. The result of this change allowed all communications between merchants and GlobalPay to be intercepted and unencrypted. Any Merchant using a version of the ...

todayDecember 1, 2019

  • 66
close

Cyber security Mike

30 second web security primer

You’re building a website or web-based application, here’s some things you should keep in mind: Never trust user input Never trust database input Always escape SQL inputs using proper libraries (for example PHP’s PDO library with prepared statements) Never let administrators enter any HTML/CSS/Javascript through the web interface Monitor your ...