Geen blogs aangemaakt.

The CVE that wasn't to be

As security researchers we take pride in helping our clients by identifying security issues before they wreak havoc. We usually focus on code developed by our clients but sometimes we broaden our efforts to include commonly used software such as webbrowsers. We believe fame (not fortune) awaits us in the form of an assigned CVE if we're able to identify an issue in, say, the WebStorage implementation of Firefox.

XML Signature Wrapping vulnerability in Samlify

NodeJS is rapidly becoming prevalent as the platform of choice in projects of our clients. One of the advantages of this relatively new platform is the abundance of open source libraries: ‘middleware’ in Node-speak. This is a good thing of course, it increases speed of development and we all know that recycling is good for the environment.