Skip to content
Affinity IT Security
  • Cybersecurity Assessments
  • GOV Info
  • Training
  • About
  • Contact
  • Articles

OUTSOURCE YOUR CYBERSECURITY

Increase security. Maintain compliance. Retain control.

Find Out How
Find and Fix Your Vulnerabilities.  Discretely. Now Find and Fix Your Vulnerabilities.  Discretely. Now

Security Vulnerability

What is Information Leakage ?

December 11, 2017January 8, 2018 JoeWeb Application Vulnerabilities, What Is ... ?
What is Information Leakage

Information Leakage (CWE-200) is a category of software vulnerabilities in which information is unintentionally disclosed to end-users, potentially aiding attackers in their efforts to breach application security.  The key criteria for Information Leakage is that the exposure is  unintentional and […]

Read more

How To Test For Information Leakage

December 11, 2017January 8, 2018 JoeHow To Test For ... ?, Web Application Vulnerabilities
Testing For Information Leakage

If you are not familiar with the concept of Information Leakage, we suggest that you review the article entitled “What is Information Leakage ?“. Keep Your Eyes Open During Testing In my experience, you don’t do much testing for Information […]

Read more

What Is A Session Management Vulnerability ?

March 8, 2017January 8, 2018 JoeWeb Application Vulnerabilities, What Is ... ?
What Is Session Management Vulnerability

One of the OWASP Top 10 vulnerabilities is Weak Authentication and Session Management.  This entry is not always clearly understood as it actually refers to two large categories of web-application vulnerabilities.  In this article, we examine vulnerabilities related to Session […]

Read more

How To Prevent Command Injection

March 4, 2017January 8, 2018 JoeHow To Prevent ... ?, Web Application Vulnerabilities
Preventing Command Injection

If you are not already familiar with the concept of Command Injection, please review the article entitled “What Is Command Injection ?“. For insights into detecting Command Injection vulnerabilities within applications, see the article entitled “How To Test For Command […]

Read more

How To Test For Command Injection

March 4, 2017January 8, 2018 JoeHow To Test For ... ?, Web Application Vulnerabilities
Testing For Command Injection

If you are not already familiar with the concept of Command Injection, we suggest that you review the article entitled “What Is Command Injection ?“. Detecting Command Injection Since it is usually not obvious which, if any, inputs might influence […]

Read more

Posts navigation

Older posts
Bank of America logo Chubb institute logo emblem logo BNP Paribas logo CME group logo

Recent Posts

  • The City of Charleston, Capital City of West Virginia, Awards Affinity IT Security Services Network Security and Audit Services Contract
  • Affinity IT Security Services Awarded GSA Schedule for Highly Adaptive Cybersecurity Services
  • Changing the SDLC to Produce Secure Applications
  • Affinity IT Security Services Has New Focus on Critical Infrastructure Protection
  • Designing Secure API Services
  • On Complexity, Convenience, Risk, and Privacy

Categories

  • 1O Things …
  • How To Prevent … ?
  • How To Test For … ?
  • Press Releases
  • Reasons Why…
  • Uncategorized
  • Web Application Vulnerabilities
  • What Is … ?

Follow Affinity IT Security

Affinity IT Security Follow

Find and fix your vulnerabilities. Do it discreetly. Do it now.

AffinityITSec
affinityitsec Affinity IT Security @affinityitsec ·
8 Dec

We are #hiring! Know anyone who might be interested? https://lnkd.in/erxte473

Reply on Twitter 1600950406544297984 Retweet on Twitter 1600950406544297984 Like on Twitter 1600950406544297984 Twitter 1600950406544297984
affinityitsec Affinity IT Security @affinityitsec ·
7 Dec

I’m #hiring. Know anyone who might be interested? 👋😊 https://lnkd.in/eqcHKeaS

Reply on Twitter 1600556442653704210 Retweet on Twitter 1600556442653704210 Like on Twitter 1600556442653704210 Twitter 1600556442653704210
affinityitsec Affinity IT Security @affinityitsec ·
19 Jul

https://lnkd.in/eTPtBeBz

Reply on Twitter 1549527699621875719 Retweet on Twitter 1549527699621875719 Like on Twitter 1549527699621875719 Twitter 1549527699621875719
affinityitsec Affinity IT Security @affinityitsec ·
10 Dec 2021

A serious vulnerability has been exposed in the very popular logging library: Apache log4j. A patch to the library (v2.15.0) has been issued. If you are using this library in your products, you should investigate.

See: and
https://lnkd.in/dcFYZ6rs https://lnkd.in/dEZ4J3VH

Reply on Twitter 1469357700987424768 Retweet on Twitter 1469357700987424768 Like on Twitter 1469357700987424768 Twitter 1469357700987424768
affinityitsec Affinity IT Security @affinityitsec ·
10 Jun 2021

Security researchers just discovered an enormous trove of 26M passwords and other artifacts collected from over 3M PCs.

I'm sure every one of them would be shocked to learn they were a victim.

Patch and scan regularly, use strong…https://lnkd.in/dWkRaq4 https://lnkd.in/dmztzPC

Reply on Twitter 1402981089560383492 Retweet on Twitter 1402981089560383492 1 Like on Twitter 1402981089560383492 1 Twitter 1402981089560383492
Load More

Cybersecurity is more critical than ever before. You need a partner with the right expertise.

Find and fix your vulnerabilities. Do it discreetly. Do it now.

Find and Fix Your Vulnerabilities. Discretely. Now

1243 Sussex Turnpike Suite #1, Randolph, NJ 07869
info@Affinity-IT.com
800.840.2335
  • 23 NYCRR 500 Compliance
  • About Us
  • Affinity IT Security
  • Application Security Testing
  • Articles
  • Be a Professional Hacker
  • Become a Certified Ethical Hacker (CEH)
  • Become a Certified Ethical Hacker (CEH)
  • Become a Certified Ethical Hacker (CEH)
  • Become a Certified Ethical Hacker (CEH)
  • Become a Certified Ethical Hacker (CEH)
  • Become a Certified Ethical Hacker (CEH)
  • Become a Certified Ethical Hacker (CEH)
  • Become a Certified Ethical Hacker (CEH)
  • Become a Certified Ethical Hacker (CEH)
  • Become a Certified Ethical Hacker (CEH)
  • Become a Certified Ethical Hacker (CEH)
  • Become a Certified Ethical Hacker (CEH)
  • Become a Penetration Tester
  • Best Hacker School
  • Best Hacking School
  • CEH Bootcamp
  • CEH Certification
  • CEH Exam
  • CEH Exam Preparation
  • CEH Instruction
  • Certified Ethical Hacker (CEH) Exam
  • Certified Ethical Hacker (CEH) Training Class
  • Choose the RIGHT Cybersecurity Partner
  • Contact Us
  • Cybersecurity Compliance
  • Cybersecurity Compliance Inquiry
  • EC Council CEH Accredited Training Center
  • Ethical Hacker Course
  • Ethical Hacker Course
  • Ethical Hacking Course
  • Getting Your CEH
  • GOV Info
  • Hacker Bootcamp
  • Hacker Training
  • HIPAA Compliance
  • Information Security Assessments and Penetration Tests
  • Information Security Training Inquiry
  • Learn Ethical Hacking
  • Learn Penetration Testing
  • Learn PenTesting
  • Network Security Testing
  • Network Vulnerability Assessment
  • PCI DSS Compliance
  • Penetration Test Training
  • Penetration Testing and Vulnerability Assessments Inquiry
  • Penetration Testing Bootcamp
  • Penetration Testing Course
  • Penetration Testing School
  • Pentesting Bootcamp
  • Pentesting Course
  • Pentesting School
  • Prepare For The CEH Test
  • Training
  • Training Course: Application Security and the SDLC
  • Training Course: Designing Secure Web Applications
  • Training Course: Employee IT Security Awareness
  • Training Course: Fundamentals of IT Security
  • Training Course: Gathering and Documenting Web Application Security Requirements
  • Training Course: Testing Web Application Security
  • Training Course: Understanding HIPAA Security Compliance
  • Training Course: Understanding NERC-CIP
  • Training Course: Understanding PCI-DSS
  • Website Security Testing
  • Website Vulnerability Assessment
  • What Cybersecurity Services Do You Actually Need ?
Powered by WordPress | Theme: Astrid by aThemes.