Warnings
PrivacyBison publishes warnings when it learns a service has announced a data breach or is found misusing user data. If you believe a warning should be published for PrivacyBison.com
Observations Based on User Activity File for Lionsgateplay.com
Non-Intrusive Cybersecurity and Privacy Observations based on User Activity File
Check for open system ports within your web application domain or its associated sub-domains. This can potentially mitigate exfiltration and command and control threats.
Check if the web application's SSL/TLS certificates meet the required standards, focusing on factors such as protocol version and cipher strength, to enhance security and prevent vulnerabilities. This assessment aligns with the guidelines in the SSLLabs SSL Server Rating Guide.
Check if sensitive files are exposed to unauthorized access or manipulation.
Check if any default database ports and credentials are still used in your web applications. Leaving defaults in place can result in complete loss of sensitive and private data.
Use a JavaScript scanner to identify CRITICAL or HIGH security vulnerabilities within the web application's JavaScript codebase.
Check subresource integrity to ensure that external resources, such as scripts or stylesheets, have been delivered securely without any changes.
Examine session tokens in GET request URLs for cross-site request forgery (CSRF) issues.
This control checks that the Content Security Policy (CSP) implemented on a website or web application is configured according to best practices. It helps to mitigate the risk of Cross-Site Scripting (XSS) attacks by verifying that only approved sources for scripts, stylesheets, and other resources are specified and enforced.
Inspect website headers for adherence to security policies and standards.