Liferay 3: Attackers could steal the sessions of your users with the following technique.

5 March 2018

If you are logged in to a vulnerable system, then you are only one click away from getting your session stolen. Just a question: have you clicked a shortened url recently?

Liferay 2: Users in your system could execute arbitrary code on your server

28 February 2018

The following example shows how a malicious user could compromise your server. This example requires a user to be logged in, but in other cases no login is required to run arbitrary code with the rights of the operating system user behind your portal instance. If you would like to secure your system, contact us.

Liferay 1: Did you know that probably anyone could view many portlets in your system?

19 February 2018

Most of the Liferay instances are still vulnerable in this case. If you follow the steps detailed below, maybe you could also conclude, that this vulnerability is still present in your system. You should not let unauthenticated users to gain access to your private data.

Security is the future of Blockchain

15 February 2018

Imagine that you are a cryptocurrency expert and knows pretty much about the blockchain ecosystem.