If your company isn’t taking important steps to protect against a potential data breach, it might be time to worry – attacks on businesses and organizations are increasing, and so are their costs. According to a new study by the Ponemon Institute, an average cost…
Deserialization vulnerabilities: attacking deserialization in JS
At the ZeroNights 2017 conference, I spoke about “Deserialization vulnerabilities in various languages”. For my presentation, I used an interesting article about two serialization packages of Node.js. I showed them as examples of vulnerable implementations of deserialization processes. In this post, I’d like to show results…
What’s new in Acunetix v12
Hot on the release of Acunetix v12, check out what’s NEW in this brief presentation highlighting: Scan speed of up to 2X faster; Support for latest JavaScript technologies (ES7); New AcuSensor for Java web applications; Pause and Resume scan functionality; Exclusion of specific paths in…
Preparing for Artificial Intelligence (AI) DDOS Attacks, Part 2
This is part 2 of a 2-part series that discusses the evolution from human to machine-based DDoS attacks. It specifically delves into how to prepare for such attacks while keeping positives and negatives at an industry-standard low. The Evolution of DDoS In the…
Artificial Intelligence (AI) used in DDOS Attacks, Part 1
This is part 1 of a 2-part series that discusses the use of Artificial Intelligence (AI) to compromise web applications. This part introduces the concept of AI and its use for destruction by cybercriminals. The speed at which cybersecurity has evolved over the last decade…
Virginia scanning program (VITA) uses Acunetix to slash vulnerabilities in web apps
The Virginia Information Technologies Agency (VITA) announced that it cut the number of high-risk vulnerabilities affecting its web applications by 30 percent in one year by implementing a vulnerability-scanning program that includes the use of Acunetix. VITA’s Web Application Vulnerability Scanning Program, implemented in 2016,…
Sail Smooth with Cloud Threats, Part 2 – Cloud APIs
This is part 2 of a 2-part series that continues to discuss cloud threats and how they affect web applications in the cloud. The following addresses insecure APIs and the Management Plane, deepening the threat landscape. Management Plane – Security Perspective The cloud API management plane…
Sail Smooth with Cloud Threats – Cloud Security Issues
This is part 1 of a 2-part series that introduces the cloud and the types of threats and cloud security issues that open the web application to compromise. The following post addresses hypervisor breakouts, also known as VM escape. Cloud Introduction Cloud computing is the…
Acunetix Receives Software Informer Editor’s Pick Award
Software Informer’s Editor Pedro Castro scores Acunetix Web Vulnerability Scanner 4.4 out of 5 in points and awards it the Editor’s Pick Award for excellence. “All in all, there is no doubt that Acunetix Web Vulnerability Scanner belongs to the must-have group of security software. It…