Blogs & Articles
Cybersecurity News, Latest Vulnerabilities, Hacking Tutorials
Clickjacking 101: What is Clickjacking and How Does it Work?
Clickjacking, also known as UI Redressing, is a technique that tricks users into clicking on unintended elements on a website. Learn more about how it works.
Learn WebApp Pentesting: 2023 Edition
This article reviews how you can become a web application penetration tester or application security engineer with updated advice for 2023.
OWASP API Top10 2023 Candidate List, So What’s New?
Review the top threats to APIs identified in the OWASP 2023 Candidate List. Top threats include Broken Object Level Authorization, SSRF, and more!
BOLA: Broken Object Level Authorization
Broken Object Level Authorization is a vulnerability that impacts API security. It occurs when an application fails to enforce access controls.
Exploiting Mass Assignment Vulnerabilities
Mass assignment is a commonly used feature in web applications. However, misconfigurations can make web applications vulnerable to attackers. Learn more.
What is an Internal Penetration Test?
Introduction: An internal penetration test is a simulated attack on a network or system conducted from within an organization's internal network. The objective of an internal penetration test is to identify vulnerabilities and weaknesses in the network or system that...
What is Cross-Site Scripting (XSS)?
Overview: Cross-Site Scripting (XSS) is a type of security vulnerability in web applications that enables an attacker to insert malicious code into a web page that can be viewed by other users (typically in the form of scripts). When a web application fails to properly...
Manual vs Automated Code Review
This article explores the differences between automatic and manual code review and some of the pros and cons surrounding both approaches.
Which Role is Right For You?
This article reviews some of the technical roles that exist within the cybersecurity space to help you determine what career track is right for you.
Kali Purple – Thoughts from a Penetration Tester
Kali Linux is a popular penetration testing and ethical hacking distribution built from the Linux Operating System. Learn about the latest Kali Purple version.