Security of a Country: Portugal

ana barbosa
Portugal is our second destination in our series “Security of a Country”. Back in 2012, some of our team members conducted a research about the state of cybersecurity in Portugal at that time. After 4 years and with big developments in our 40fy platform, we decided to gather some fresh…
Continue Reading

Security of a Country: Portugal

ana barbosa
Portugal is our second destination in our series “Security of a Country”. Back in 2012, some of our team members conducted a research about the state of cybersecurity in Portugal at that time. After 4 years and with big developments in our 40fy platform, we decided to gather some fresh…
Continue Reading

Announcing: Cyberfables

BinaryEdge
For far too long we've heard "The problem of security is always the user", so we decided to put our heads to work to try and tackle this problem. For the last couple of months we have been so focused on our B2B product that it felt great to start…
Continue Reading

Announcing: Cyberfables

BinaryEdge
For far too long we've heard "The problem of security is always the user", so we decided to put our heads to work to try and tackle this problem. For the last couple of months we have been so focused on our B2B product that it felt great to start…
Continue Reading

XML Parser Evaluation

Christopher Späth
XML Parser EvaluationFor some time now, we've been researching in excruciating detail the prevalence of DTD attacks on different XML parsers.For a quick recap which attacks are possible, see our DTD Cheat Sheet post.In this post, we present you the results in a nutshell.The information presented here is based on this…
Continue Reading

XML Parser Evaluation

Christopher Späth
XML Parser EvaluationFor some time now, we've been researching in excruciating detail the prevalence of DTD attacks on different XML parsers.For a quick recap which attacks are possible, see our DTD Cheat Sheet post.In this post, we present you the results in a nutshell.The information presented here is based on this…
Continue Reading

DTD Cheat Sheet

vladislav mladenov
When evaluating the security of XML based services, one should always consider DTD based attack vectors, such as XML External Entities (XXE) as,for example, our previous post XXE in SAML Interfaces demonstrates.In this post we provide a comprehensive list of different DTD attacks.The attacks are categorized as follows:Denial-of-Service AttacksClassic XXEAdvanced XXEServer-Side Requst…
Continue Reading

DTD Cheat Sheet

vladislav mladenov
When evaluating the security of XML based services, one should always consider DTD based attack vectors, such as XML External Entities (XXE) as,for example, our previous post XXE in SAML Interfaces demonstrates.In this post we provide a comprehensive list of different DTD attacks.The attacks are categorized as follows:Denial-of-Service AttacksClassic XXEAdvanced XXEServer-Side Requst…
Continue Reading