In the past few days, a site selling Durex condoms has had a small ‘exposure’ problem. As reported, the site had been suffering (time length unknown) from several basic security exposures, including even allowing orders to be viewed online, without a login – simply by…
Author Archives Acunetix
Third Annual Meetings of Heads of Information Systems Security RSSI’2010
Acunetix reseller Hat Web Security Labs will be exhibiting Acunetix WVS at the Third Annual Meetings of Heads of Information Systems Security RSSI’2010. The event will take place between 3rd and 4th of June 2010 at the Cyber Parc Elgazala, Tunis.
Acunetix WVS helps Digicure discover web vulnerabilities
A proper web security audit is a mixture of automated and manual tests; Acunetix WVS provides a comprehensive tool for automated testing purposes and a useful toolbox Digicure can use for manual penetration testing as well. “The most impressive thing about Acunetix Web Vulnerability Scanner must…
SQL Injection hits again; 168,000 personal records exposed
A hacker, who calls himself “ins3cted”, has demonstrated to Webwereld via video how by exploiting a simple SQL injection, he can retrieve 168,000 personal records from a Dutch website called Experience the OV (http://www.ervaarhetov.nl). Citizens living in the provinces of Gelderland, Overijssel and Flevoland are…
Security usability and accessibility
Recently security and accessibility issues have become an important topic to me. Although I had always considered accessibility and more specifically usability important in my designs, since I’m now down to one active hand due to a surgery on the other hand, I am now…
XSS redirect attack – root compromised via simple tricky redirect
As the attacks on infrastructure become more complicated, the true nature of deep penetration attacks proves food for thought for all developers and operators. Consider this case – where the Apache open source infrastructure itself became significantly exposed by a simple XSS attack that utilized…
The road to glory, from XSS to Root on apache.org
On the 9th of April 2010, Apache.org infrastructure suffered a direct and targeted attack on the server hosting the Apache issue-tracking software, Atlassian JIRA. This is the second major compromise the Apache Software Foundation suffered in less than a year, when last August, the main…
Acunetix WVS Version 6.5 build 20100407 released
An updated build of Acunetix WVS Version 6.5 has been released. This build includes a number of bug fixes. Bug Fixes: Fixed: Login Sequence Recorder was not using client certificates when recording a login sequence. Fixed: Login Sequence Recorder was not using the configured User…
Malware Survey Data – Customer Perspective
One big thing that is missing from this industry is empirical trend data that supports the TRUE risks and costs associated with hacking and malware infections. To date, we’ve written quite a lot about customer-specific impacts when they are infected… The ‘results’ run the gamut of…