‘Acunetix allowed us to identify some major vulnerabilities before hackers were able to exploit them. This has made Sendy a far more secure application and hugely reduced the risk of us being breached.’ Ben Ho, Developer, Sendy Sendy is a self hosted email newsletter application…
Critical XSS vulnerability addressed in latest WordPress update
Yesterday, WordPress 4.1.2 was released. This is a very important security release, which addresses a critical cross-site scripting (XSS) vulnerability, which could allow an anonymous user to compromise a WordPress site. The security release also addresses 3 other vulnerabilities affecting previous releases of WordPress. In…
PCI Security Council presses companies to switch to TLS
The PCI Security Council recently confirmed that the upcoming update to the PCI DSS guidelines, version 3.1 will include a change pressing companies to switch to TLS web encryption as opposed to the outdated SSL. This is mainly a response to Heartbleed, ShellShock and POODLE,…
Acunetix Dishes Out Security Solution to Catertrax
Catertrax, one of Acunetix’ valued clients, have recently provided us with a case study of their use of the scanner and how it helps them to maintain their security and reassure their customers. ‘Acunetix has helped make our application stronger and given our clients the…
Acunetix represented at national conference in Portugal
On 9, 10 April Acunetix partner RedShift consulting participated in the 1st NATO Cyber Defence Projects’s Conference “A Smart Approach to a Smarter Cyber Defence” in Portugal. The event aimed to enhance and reinforce international cooperation by stimulating the involvement of academia and industry at the NATO and National…
Acunetix detects new critical IIS server vulnerability CVE-2015-1635 (MS15-034)
Yesterday was Patch Tuesday – Microsoft’s monthly rendezvous with all administrators wanting to keep their Microsoft products up to date with all security patches. This was no ordinary Patch Tuesday for web administrators. MS15-034 contains a CRITICAL security update for Microsoft IIS which addresses a remote…
Heartbleed still affecting over 70% of top organisations
Despite first being disclosed in April of 2014, it seems that many of the top global organisations are still exposed to the Heartbleed vulnerability. In reports from threat intelligence agencies and the University of Maryland, estimates of susceptibility among the top 2000 global organisations ranges…
Acunetix Network Scans Defend against Trojans and Backdoors
The task of keeping the systems running on the network perimeter and all the services exposed on the internet is substantial and ongoing. Considering that most network admins are time-starved, they can’t always be blamed for missing the latest security update for their software. A…
Lessons to Learn from the AllCrypt Hack
On March 18, 2015, AllCrypt, a small crypto currency exchange posted what may very well be one of their last posts on their blog. The Bitcoin exchange had been hacked, resulting in stolen crypto currency. The AllCrypt Team described the attack in detail in their…