Open Redirects: A Forgotten Vulnerability?, (Tue, Feb 24th)

In 2010, OWASP added “Unvalidated Redirects and Forwards” to its Top 10 list and merged it into “Sensitive Data Exposure” in 2013. Open redirects are often overlooked, and their impact is not always well understood. At first, it does not look like a big deal. The user is receiving a 3xx status code and is being redirected to another URL. That target URL should handle all authentication and access control, regardless of where the data originated.


Xbox Co-Founder Says New Microsoft Gaming CEO is ‘a Palliative Care Doctor’

Seamus Blackley, one of the co-founders of the original Xbox console, is worried that Xbox is now on its deathbed following last week’s major leadership change.

Greater Pittsburgh Orthopaedic Associates disclosed a 2025 breach, but was there also one in 2024?

Greater Pittsburgh Orthopaedic Associates (GPOA) recently began notifying patients of a breach that occurred on or about August 10, 2025. Although their notification letter to patients does not indicate that this was an incident involving encryption, …