by Zach Edwards | Apr 29, 2020
Breaches have been found on websites including Wish.com, JetBlue.com, Quibi.com, WashingtonPost.com, NGPVan.com and numerous other organizations… Most popular websites on the internet are using 3rd party analytics and advertising Javascript code — and depending on how...
by Zach Edwards | Jan 1, 2020
CCPA and GDPR force companies to “put pen to paper” about their global user data policies and partner data sharing, but as with any system of accountability in a marketplace, the mere existence of regulatory frameworks that force transparency, don’t ensure that the...
by Zach Edwards | Apr 7, 2019
by Zach Edwards | Mar 28, 2019
There are numerous coding practices and server setups that can result in unexpected cached pages — pages that shouldn’t be able to be served to another user. One of the most-abused page caching features is “search index caching” — aka...
by Zach Edwards | Mar 12, 2019
As someone who has been working on enterprise digital stacks for over 12 years and building analytics stacks for over 7 years, I’ve broken my fair-share of client websites with malformed javascript. It happens to pretty much every analytics professional *on...
by Zach Edwards | Mar 6, 2019
Here’s a short video explaining the scope of this vulnerability and my initial test: I recently came across a website that I won’t name that had a very interesting problem — certain pages had almost no 3rd party javascript firing, but they had dozens...
Recent Comments