Acunetix WVS v.10 (build 20150921) has been released. This new build checks for Cross Site Scripting in mobile-touch event handlers and for various vulnerabilities in products such as Composer, Zend Framework, AjaxControlToolkit and others. Below is a full list of updates. New Features Added a…
XSS in Google Feedburner
A fundamental aspect of web applications which developers should bear in mind is securing the input inserted by the user. Many times, due to lack of attention or understanding, programmers might ignore the review of the code, resulting in security breaches, which through exploiting represent…
Webinar: Grow your business with Acunetix
Comguard, the Acunetix distributor for UAE, is organising a Webinar together with the Acunetix Support Team for Acunetix Partners or for IT firms interested in becoming Acunetix Partner Program members. The webinar will highlight the USPs of the product and will give tips on generating sales. …
In the headlines: FireEye and Kaspersky vulnerabilities, Windows 10 ‘Keylogger’ and more
Windows 10 ‘Keylogger’ and how to switch it off When the first Windows 10 preview was released, there were reports of it containing a keylogger. It now appears that this feature did indeed make it into the released version, via the Windows helper Cortana. As…
Cross-site Scripting and its variants explained
Cross-site Scripting (XSS) has been making the Top 5 list of exploitable vulnerabilities since it was first discovered way back in the 1990s. The term XSS refers to a client-side code injection attack wherein an attacker can execute malicious scripts into a legitimate website or…
What preventive steps can SMEs take to reduce the chance of cyber attack?
Every week the headlines carry news of high profile cyber attacks, in fact every day cyber criminals compromise thousands of websites – often without the site owner knowing. A recent study of 15,000 websites found nearly half contained a ‘high-severity’ vulnerability waiting to be exploited…
Netflix Sleepy Puppy – Nothing new
Netflix has released an open source tool that their engineering team have developed in-house that can find second-order XSS vulnerabilities in web applications. The tool is called Sleepy Puppy, and while it’s a good initiative from Netflix, the auto-detection of ‘Delayed XSS’ is nothing new….
Acunetix WVS Input Fields
Many websites include web forms that capture visitor data, such as download forms. Acunetix Web Vulnerability Scanner can be configured to automatically submit random data or specific values to web forms during the crawl and scan stages of a security audit. By default, Acunetix Web Vulnerability…
IT Security Expo and Congress it-sa 2015
Everything is geared to IT security at it-sa which is to be held in Nuremberg, Germany between the 6th to 8th October 2015. Use this opportunity to exchange views with the leading IT security experts and source information on the latest products and services. Besides…