by Masarah Paquet-Clouston | Jul 28, 2020
As part of our research on Cybersecurity Perceptions Versus Reality, we developed a survey in collaboration with Serene-risc, a knowledge mobilization network in cybersecurity based in Canada, on the perceptions and practices of cybersecurity professionals.. The...
by Masarah Paquet-Clouston | Jul 23, 2020
As part of our research on Cybersecurity Perceptions Versus Reality, we developed a survey in collaboration with Serene-risc, a knowledge mobilization network in cybersecurity based in Canada, on the perceptions and practices of cybersecurity professionals. The survey...
by Karthikeyan Jayaraman | Jun 11, 2020
An Authenticated Remote Code Execution (RCE) vulnerability was discovered on Vera, a platform for digital asset management used in the printing industry. The application allows an authenticated user to change the logo on the Website. An attacker can use this feature...
by Francois Renaud | Sep 30, 2019
TLDR: It is frightening, a patch was made available the same day it was disclosed and everybody should update their servers. Impact Butor Portal is affected by a Path Traversal vulnerability leading to pre-authentication arbitrary file downloads. Every file...
by Benoit Cote-Jodoin | Jul 3, 2019
Some time ago; we published a blog about jenkins-fsb, a preconfigured Jenkins instance for efficiently using the plug-in, Find Security Bugs. In that blog post, there was an indication about multiple vulnerabilities having been found but not disclosed. Well, today we...
by Benoit Cote-Jodoin | Sep 6, 2018
Find Security Bugs can often uncover interesting findings that may lead to the discovery of critical vulnerabilities. Back in May, we published on this blog two vulnerabilities in components of Spring, a Java web framework, using this tool. However, the process of...