This week thousands of system administrators who make use of Google products will open their inbox to see an email from Google explaining that their Web Optimizer product contains an XSS flaw that allows hackers to inject scripts into their Google Optimized web pages.
Author Archives Acunetix
Acunetix WVS v7 build 20101206 automatically checks for DOM XSS
The new build of Acunetix Web Vulnerability Scanner Version 7 checks for DOM-based XSS vulnerabilities. Unlike traditional cross-site scripting, document object model based cross-site scripting (DOM XSS) is a type of vulnerability which affects the script code in the client’s browser. …
Acunetix WVS Version 7 build 20101123 released
An updated build of Acunetix WVS Version 7 was released. Improvement: More updates to the Client Script Analyser (CSA) engine for better Web 2.0 support. Bug Fixes: Fix: Added port in host header for https in manual browsing. Fixed: Crawler not serving pages to Client…
Acunetix WVS Version 7 build 20101115 released
An updated build of Acunetix WVS Version 7 was released. It includes a new feature, and improved support for jQuery and Web 2.0 web applications. New Features: Ability to stop individual running security scripts during a scan. Major Improvements: CSA engine now supports a wider…
Holidays Bring Out the Bad Guys
As you might expect, a large increase in criminal activity is forecast for this year. Driving malware and trojan infections via YOUR website is now becoming more of a standard operating procedure than ever. As reported in Threatpost's more recent listing: ‘Spammers Gearing…
Acunetix WVS Version 7 build 20101028 released
An updated build of Acunetix WVS Version 7 has been released. This build addresses a number of bug fixes. Bug Fixes: Fixed: Replay of recorded login sequences was not working properly in the free version. Fixed: NTLM authentication was not working properly when using specific…
Internet Voting Trial Thwarted by Hackers
The District of Columbia recently attempted to give a number of people who live or work overseas the opportunity to cast their vote remotely. To do this, a secure e-voting website costing over $300,000 was built. On Tuesday, September 28, 2010, the first public trial run was launched. Thirty-six hours later the voting system was hacked by a student. It took nearly three days for D.C. officials to realize that their system was compromised. The trial was immediately suspended, and red-faced engineers and politicians quickly scrambled to find out how this breach could possibly have happened.
Acunetix WVS Version 7 build 20101012 released
An updated build of Acunetix WVS Version 7 has been released. It includes two bug fixes. Bug fixes: Fixed: Client Script Analyser engine was blocking if insertAdjacentHTML used on an element without parent. Fixed: “Accept” header was not sent by the advanced penetration testing tools,…
Drive By Malware: What does my website look like to my customers?
As depicted below, you may be presenting an excellent, professional and polished image. However, as your customers are ‘browsing’, the scary stuff is happening behind your and their backs! The virus attacks their desktop, depositing its nastiness and spreading from there. This happens for all…