Open Redirects: A Forgotten Vulnerability?, (Tue, Feb 24th)

In 2010, OWASP added “Unvalidated Redirects and Forwards” to its Top 10 list and merged it into “Sensitive Data Exposure” in 2013 [owasp1] [owasp2]. Open redirects are often overlooked, and their impact is not always well understood. At first, it does not look like a big deal. The user is receiving a 3xx status code and is being redirected to another URL. That target URL should handle all authentication and access control, regardless of where the data originated.


Xbox Co-Founder Says New Microsoft Gaming CEO is ‘a Palliative Care Doctor’

Seamus Blackley, one of the co-founders of the original Xbox console, is worried that Xbox is now on its deathbed following last week’s major leadership change.

Greater Pittsburgh Orthopaedic Associates disclosed a 2025 breach, but was there also one in 2024?

Greater Pittsburgh Orthopaedic Associates (GPOA) recently began notifying patients of a breach that occurred on or about August 10, 2025. Although their notification letter to patients does not indicate that this was an incident involving encryption, …