Penetration Test Blog by turingpoint

Blog posts about Penetration Test from our team.
Log4j - Critical Zero-Day Vulnerability in Logging Library
Log4j - Critical Zero-Day Vulnerability in Logging Library
New

The Log4Shell zero-day vulnerability is considered highly security-critical. It allows attackers to execute arbitrary code.

More
What does the Coalition Agreement say about Cyber Security and Digital Civil Rights?
What does the Coalition Agreement say about Cyber Security and Digital Civil Rights?

The new coalition agreement aims to strengthen the law on the Internet and advance society in terms of cyber security.

More
The new OWASP Top 10 from 2021
The new OWASP Top 10 from 2021

There are three new categories in the OWASP Top 10 and the prioritization of some already known categories has changed.

More
Node Package Manager Security - Everything about NPM Package Security
Node Package Manager Security - Everything about NPM Package Security

Numerous versions you can use for the Node Package Manager update may be contaminated with malicious code, according to repository officials.

More
Vulnerabilities in GraphQL - Overview and Case Studies
Vulnerabilities in GraphQL - Overview and Case Studies

This disclosure capability of GraphQL is both strength and weakness at the same time and should be tested accordingly.

More
Error culture in the IT department - How an open Approach to Errors Promotes the Security Level of Companies
Error culture in the IT department - How an open Approach to Errors Promotes the Security Level of Companies

The reasons for penetration testing are numerous and yet, from a legal perspective, they are often in a gray area.

More
Data Protection and Data Security - Account Deletion within Apps soon Mandatory
Data Protection and Data Security - Account Deletion within Apps soon Mandatory

A new feature is mandatory account deletion: If users are asked to set up an account for an app, it must also be possible to delete it.

More