WordPress Pingback Vulnerability

Recently somebody posted on Reddit about a WordPress scanner that is taking advantage of a new WordPress vulnerability. The vulnerability is abusing the Pingback system, which is a well-known feature that’s used by a lot of bloggers. What is a Pingback? Quoting Wikipedia: A pingback…

Read more

Finding Web Flaws is not Point and Click

Successful web security testing is not as simple as point and click. Unfortunately, many people treat it as such. The thought process goes something like this: 1.    Load web vulnerability scanner. 2.    Enter URL to scan. 3.    Click Go. 4.    Generate report for the auditors….

Read more