CSRF in JSF 2.0: Predicting CSRF Tokens for Apache MyFaces
JavaServer Faces (JSF) is a commonly used server-side web framework. Developers appreciate its relative ease of use while security engineers appreciate its ready-made ...
Read MoreArticles
Windows Docker Information Disclosure Vulnerability (CVE-2021-1645)
In 2020, we discovered a vulnerability in the Microsoft Docker implementation and reported it to Microsoft. Microsoft published updates for its Windows client and ...
Read More
What is Zero-Trust?
The acute lockdown caused by Covid-19 has caused extraordinary changes in companies and for employees and, to put it mildly, significantly increased the importance ...
Read More
The Importance of Trust Validation: Microsoft’s Dangerous Mistake
Vulnerability in VSIX signature validation Last year we discovered a vulnerability in the Visual Studio Extension (VSIX) installer, which comes with ...
Read More