The PCI Security Council recently confirmed that the upcoming update to the PCI DSS guidelines, version 3.1, will include a change pressing companies to switch to TLS web encryption as opposed to the outdated SSL. This is mainly a response to Heartbleed, ShellShock and POODLE,…
Acunetix Dishes Out Security Solution to Catertrax
Catertrax, one of Acunetix’ valued clients, have recently provided us with a case study of their use of the scanner and how it helps them to maintain their security and reassure their customers. ‘Acunetix has helped make our application stronger and given our clients the…
Acunetix detects new critical IIS server vulnerability CVE-2015-1635 (MS15-034)
Yesterday was Patch Tuesday – Microsoft’s monthly rendezvous with all administrators wanting to keep their Microsoft products up to date with all security patches. This was no ordinary Patch Tuesday for web administrators. MS15-034 contains a CRITICAL security update for Microsoft IIS which addresses a remote…
Heartbleed still affecting over 70% of top organisations
Despite first being disclosed in April of 2014, it seems that many of the top global organisations are still exposed to the Heartbleed vulnerability. In reports from threat intelligence agencies and the University of Maryland, estimates of susceptibility among the top 2000 global organisations range…
Acunetix Network Scans Defend against Trojans and Backdoors
The task of keeping the systems running on the network perimeter and all the services exposed on the internet is substantial and ongoing. Considering that most network admins are time-starved, they can’t always be blamed for missing the latest security update for their software. A…
Lessons to Learn from the AllCrypt Hack
On March 18, 2015, AllCrypt, a small crypto currency exchange, posted what may very well be one of their last posts on their blog. The Bitcoin exchange had been hacked, resulting in stolen crypto currency. The AllCrypt Team described the attack in detail in their…
Cyber Security and the Data Protection Act
Records management company Iron Mountain have just published a report on public sector agencies, revealing that around 40% have suffered a data breach. It also noted that information security teams are under-resourced, lacking in the required skills or are performing roles above their grade. Considering…
Political hacking – the latest cyber threat
Regardless of whether you believe North Korea were the culprits, everyone will acknowledge that since the Sony hack, we’ve all started to take cyber terrorism a little more seriously. You mean they don’t just want financial details and government intelligence? No, that’s right, terrorists…
Troubleshooting tips for Apache, Part 4 – Run Apache HTTP Server as a single process
Run Apache HTTP Server as a single process and use debugging tools. A typical Apache HTTP Server installation runs with several processes. However, to simplify troubleshooting it’s best to run Apache as a single process. This can be done by using the -X option when…