Cross-site Scripting (XSS) has been making the Top 5 list of exploitable vulnerabilities since it was first discovered way back in the 1990s. The term XSS refers to a client-side code injection attack wherein an attacker can execute malicious scripts into a legitimate website or…
What preventive steps can SMEs take to reduce the chance of cyber attack?
Every week the headlines carry news of high profile cyber attacks, in fact every day cyber criminals compromise thousands of websites – often without the site owner knowing. A recent study of 15,000 websites found nearly half contained a ‘high-severity’ vulnerability waiting to be exploited…
Netflix Sleepy Puppy – Nothing new
Netflix has released an open source tool that their engineering team have developed in-house that can find second-order XSS vulnerabilities in web applications. The tool is called Sleepy Puppy, and while it’s a good initiative from Netflix, the auto-detection of ‘Delayed XSS’ is nothing new….
Password hashing and the Ashley Madison hack
The mainstream media is in a frenzy about the Ashley Madison hack, and with good reason. Aside from the shady social and moral motives that most people are criticising Avid Life Media (the site’s owners) about, the breach is a notable one in terms of…
Acunetix GM interviewed on Rust Report
Acunetix General Manager, Chris Martin was interviewed by Len Rust for the popular Australasian ICT news platform – Rust Report during Cebit in Sydney Australia 2015. In his interview, Mr. Martin gives a brief overview of the company, describes what sets Acunetix apart from its competitors,…
In the headlines: Ashley Madison hack, Amazon quits Flash, Stolen IRS tax records and more
Adultery site data hits the web with serious consequences The Ashley Madison hack continues to grab headlines, with a reported 39GB of data having now been dumped online. What also emerged from the leaked data is that around 90% of users were in fact male….
WordPress 4.3 “Billie” improves password resets
The WordPress team have just announced that the 4.3 release of the massively popular blogging and content management software has been released to the public. While there are some interesting new usability features, the WordPress team have also released a new security feature that deals…
In the headlines: Oracle CSO fracas, Wassenaar re-evaluated, car hacking lawsuits and more
Oracle publish then delete blog whining about bug finders We’re well in the age of the ‘bug bounty’, where companies have cottoned on to the fact that it’s safer to pay those who discover security flaws in their products using ethical hacking techniques and software,…
In the headlines: Chinese VPN Services, MasterCard survey, Firefox Exploit and more
Chinese Internet Policing Becomes Literal China is well known for having some of the strictest internet restrictions in the world and the level of control from the government is now set to increase further, with police being posted at the larger internet companies. The government…