Mobile Application Security & Privacy
Login

#web Articles

Mobile Applications
Text4Shell (CVE-2022-42889) in Mobile Applications ... should I worry?
Mon 24 October 2022
By Alaeddine Mesbahi

CVE-2022-42889 is a vulnerability in the Apache Commons Text Library caused by string interpolation abusing powerful handlers and present in popular application like Amazon Shopping, Udemy and Grammarly. This article goes over the applicability and risk of this vulnerability for Mobile Applications.

Ostorlab
New Dashboard, Better Insights
Thu 20 October 2022
By Rabson Phiri

As a reflection of the many new capabilities and changes we have made, we have released a new dashboard providing better insights into an organization's security posture.

Ostorlab
OWASP Mobile Application Verification Standard Support
Tue 04 October 2022
By Oussama Essaji

The Mobile Application Security Verification Standard is an important step toward building secure Mobile Applications. Ostorlab now adds support for generating compliance report for L1, L2 and Resilience levels.

Ostorlab
Improved Attack Surface Discovery, Mobile and Web Security Scanning
Thu 18 August 2022
By Alaeddine Mesbahi

Largest release with improvements to Attack Surface, Open-Source, Mobile and Web scanning and much much more.

Mobile Applications
How did we react to Log4j vulnerability? Read our analysis for mobile applications.
Mon 20 December 2021
By Martin Salis

What is the impact of Log4j vulnerability on mobile applications

Newsletter
Ostorlab Nuggets in June issue 5
Thu 27 May 2021
By Anne

Health Tech, Compromises and attacks, Instrumentation, Black Hat conferences, eBPF and more….

Security
Ostorlab detects Dependency Confusion
Wed 03 March 2021
By Kevin Green

Dependency Confusion is a new attack with high severity impact. This article is an overview of the vulnerability as well as other supply chain attacks.

Web
Finding superhuman XSS polyglot payloads with Genetic Algorithms
Mon 01 March 2021
By Alaeddine Mesbahi

The following article is a technical deep dive into how genetic algorithms can be leveraged to create superhuman XSS polyglot payloads.

Ostorlab
Ostorlab adds Web Security Scanning to its arsenal
Mon 15 February 2021
By Alaeddine Mesbahi

Ostorlab is adding Web Security Scanner to its arsenal with novel approaches to vulnerability discovery.

Pentest
Security, what opportunities and challenges for 2019?
Mon 07 January 2019
By Ostorlab Team

Use the start of the year to contemplate how the previous year went, and prepare for the upcoming is an important exercise to put things into perspective and reevaluate some of our choices.