There’s no Guarantee of Security

When it comes to the web, there’s never a guarantee of complete security. In fact, a clean bill of health doesn’t mean you truly have a clean bill of health. Similar to how a blood test or MRI scan cannot possibly find all health-related problems…

WordPress Pingback Vulnerability

Recently somebody posted on Reddit about a WordPress scanner that is taking advantage of a new WordPress vulnerability. The vulnerability is abusing the Pingback system, which is a well-known feature that’s used by a lot of bloggers. What is a Pingback? Quoting Wikipedia: A pingback…

Finding Web Flaws is not Point and Click

Successful web security testing is not as simple as point and click. Unfortunately, many people treat it as such. The thought process goes something like this:

1. Load web vulnerability scanner.
2. Enter URL to scan.
3. Click Go.
4. Generate report for the auditors…
