Victory Medium
  • Our Services
  • Data Blog
Select Page

Who fixes cached search results? An odd Facebook user vulnerability

by Zach Edwards | Mar 28, 2019

There are numerous coding practices and server setups that can result in unexpected cached pages — pages that shouldn’t be able to be served to another user. One of the most-abused page caching features is “search index caching” — aka...

Advertising & Analytics Red Team: Attribution Attacks via Facebook’s “fbclid” Parameter

by Zach Edwards | Mar 12, 2019

As someone who has been working on enterprise digital stacks for over 12 years and building analytics stacks for over 7 years, I’ve broken my fair-share of client websites with malformed javascript. It happens to pretty much every analytics professional *on...

Whitehat ad fraud test: Hijacking the default Shopify Google Analytics pixel and hiding the errors

by Zach Edwards | Mar 6, 2019

Here’s a short video explaining the scope of this vulnerability and my initial test: I recently came across a website that I won’t name that had a very interesting problem — certain pages had almost no 3rd party javascript firing, but they had dozens...

Facebook‘s Ongoing VIP-User Data Exfiltration Vulnerability via Adobe’s Marketo Software & Why…

by Zach Edwards | Jan 2, 2019

Facebook removed auto-fill functionality on forms that used Adobe’s Marketo “mkt_tok” value and took other steps to protect Facebook users from one-token-user-authentication user data exfiltration risks. Update: On January 29, 2019, I heard back from Facebook (27-days...

Shopify vs. Amazon: Which One Tanked Pavlok’s Sales 34%? | Guest Post from Maneesh Sethi

by Zach Edwards | Sep 20, 2018

This a guest post from Maneesh Sethi, Founder, and CEO of Pavlok (https://www.pavlok.com), an innovative company that creates wearables and technology designed to help people break bad habits and change their behavior for the better. Victory Medium and Pavlok...

Visibility is Inclusion : Why Global Metadata Standards Need Inclusivity Frameworks & Public Feedback on the IAB ID-Level Data Segment Taxonomy

by Zach Edwards | Aug 6, 2018

A couple weeks ago I submitted submitted public feedback on the IAB Tech Lab’s proposed ID-Level Data Transparency Standards. IAB’s Taxonomy sets forth new metadata standards for online advertising being deployed later this year. In other words, the...
« Older Entries
Next Entries »

Recent Posts

  • Breitbart.com is Partnering with RT.com & Other Sites via Mislabeled Advertising Inventory
  • July 2020 Compromised PaF Subdomains (mostly via Microsoft Azure)
  • Final Statement of Reasons from The California Attorney General for CCPA Raises Important Questions
  • Epic Games Ignored Epic Subdomain Takeover on their Authentication Domain, Promoted $1 Million…
  • The 2020 URL Querystring Data Leaks — Millions of User Emails Leaking from Popular Websites to…

Recent Comments

    Most recent content

    • Breitbart.com is Partnering with RT.com & Other Sites via Mislabeled Advertising Inventory
    • July 2020 Compromised PaF Subdomains (mostly via Microsoft Azure)
    • Final Statement of Reasons from The California Attorney General for CCPA Raises Important Questions
    • Epic Games Ignored Epic Subdomain Takeover on their Authentication Domain, Promoted $1 Million…
    • The 2020 URL Querystring Data Leaks — Millions of User Emails Leaking from Popular Websites to…

    contact@victorymedium.com

    Victory Medium LLC

    Privacy Policy (External Link)