Juxhin Dyrmishi Brigjaj, Developer at Acunetix, joins Paul at SecurityWeekly for an expert commentary on the Hack Naked News programme. Juxhin talks about the resurgence of XSS after the big British Airways and NewEgg hacks! Watch the clip below to find out how these hacks could…
Acunetix v12 Review for Enterprise Customers on Firewall.cx
Firewall.cx first began its journey with Acunetix almost 12 years ago with its standalone Windows 98 program. The reviewer notes that the distance the web vulnerability scanner has come since then is “truly immeasurable”, managing to keep up with the competition as other companies have…
How To Protect Your Website Against A Cross-Site Scripting (XSS) Attack
One of the most common methods that hackers use to attack your website is a cross-site scripting (XSS) attack. Basically, an XSS attack is where a hacker takes advantage of an XSS vulnerability to execute malicious JavaScript when users visit your website….
Better web-pentesting in Windows with AHK
Recently, I have moved to Malta. It’s quite hot here, but as I’m from a colder country, I like it very much. Actually, I’m obsessed with everything hot, including hotkeys! Every pentester / researcher / bugbounter / etc has their own approach to doing things in…
Pony: A Breakdown of the Most Popular Malware in Credential Theft
Pony has been around since 2011, but it’s still the biggest threat when it comes to credential theft, according to data from Blueliv’s report, The Credential Theft Ecosystem. It leads the way at 39%, with LokiPWS and KeyBase trailing behind at 28% and 16% respectively….
Multi-Cloud Design: The Priority Focus Should be on Application Security, Part 2
This is part 2 of a two-part series that discusses the risks involved for application security in the new multi-cloud environments. This part introduces the requirements for multi-cloud, the types of multi-clouds and the risks they bring to application security. Requirements for multi-cloud So why…
How to Mitigate XXE Vulnerabilities in Python
What is XML External Entity (XXE)? XML External Entity Injection is often referred to as a variant of Server-side Request Forgery (SSRF). XXE leverages language parsers that parse XML, a widely used data format found in a number of common scenarios such as SOAP &…
Multi-Cloud Design: The Priority Focus Should be on Application Security, Part 1
This is part 1 of a two-part series that discusses the risks involved for application security in the new multi-cloud environments. This part introduces cloud threats to the application, different cloud types and finally the latest multi-cloud design. Introduction The World Wide…
European Credential Theft Boom: How You Can Stay Safe
Credential theft has been a cyber-criminal staple since the early days of computing. While there have been fewer cases in the US over the past year, according to data from Blueliv we have seen a 39% spike in Europe. This massive rise should be alarming…