Security Archives - Sqreen Blog

Code Vulnerabilities and SQL Injections in Ruby on Rails

56 views
8 minute read
No comments

Preventing SQL injections in Ruby (and other vulnerabilities)

Chris Chinchilla
February 12, 2021

This post’s topic is very straightforward: SQL injection, Ruby flavored. More specifically, how you can protect your Ruby application against SQL injections—and other common security threats. Ruby is a wonderful…

View Post

222 views
7 minute read
5 comments

Preventing SQL injections in Python (and other vulnerabilities)

Chris Chinchilla
February 9, 2021

Python is a wonderful language, ideal for beginners, and easy to scale up from starter projects to complex applications for data processing and serving dynamic web pages. But as you…

View Post

OWASP top 10 vulnerabilities cheat sheet for CTOs

Security

43 views
9 minute read
3 comments

OWASP Top 10 Cheat Sheet

Matthew
February 8, 2021

In recent times, hacks seem to be increasingly prevalent, not to mention severe. What’s more, it doesn’t matter whether you’re a small player or a big name corporation such as…

View Post

Security

18 views
5 minute read
No comments

Security analysis of the top 1000 SaaS companies: we still have a long way to go

Josh
March 20, 2019

SaaS has become the de facto standard for most B2B tools and B2C applications. As a result, more and more personal and business-critical data is entrusted to third parties who…

View Post

17 views
2 minute read
No comments

ESLint backdoor: revoke all the tokens

Vladimir
July 12, 2018

Tl;dr [EDIT 2018-07-16] The official ESLint post-mortem has been released. NPM already revoked all tokens at once so you probably don’t need to do this yourself. A backdoor was introduced…

View Post

18 views
6 minute read
No comments

An in-depth look at CVE-2018-8778 or why integer overflows are still a thing!

Benoit
March 30, 2018

A new exciting vulnerability (yes sorry, we easily get excited about these things 😜) has been released in Ruby. CVE-2018-8778 is a Buffer under-read that is triggered by String#unpack. Kudos…

View Post

Security

76 views
3 minute read
3 comments

Security analysis of the most popular cryptocurrency exchanges

Paul
January 25, 2018

So you’ve finally decided to buy some Bitcoin, Ethereum or any other coin that’s all the rage these days? At Sqreen, we’re not so much interested in the cryptocurrency craze,…

View Post

Security

8 views
5 minute read
No comments

In ICO, the S stands for Security

Jb
January 11, 2018

ICOs are all the rage these days. You have ICOs raising millions in seconds, and others losing millions in seconds. Coming from a security background, I wondered if these ICOs…

View Post

19 views
5 minute read
2 comments

State of Node.js Security 2017

Don Goodman-Wilson
November 9, 2017

A wake-up call It will be hard to escape 2017 without a new-found respect for the importance of application security. The Equifax breach, resulting from an exploit of a well-known…

View Post