Since I first got involved with information security I’ve been a strong proponent of focusing on the common sense basics. We all know what needs to be done yet I see fundamental web security problems in practically every assessment I perform. From passwords to patches…
Using Acunetix Web Vulnerability Scanner as a Proxy Server
Among many advanced penetration testing tools provided, Acunetix Web Vulnerability Scanner (WVS) offers you the HTTP Sniffer tool. With the HTTP Sniffer you can capture, trap, analyze and even modify any HTTP traffic that the sniffer is listening to, e.g. port 8080. The Acunetix HTTP…
How Can I Change My Default WordPress Admin Username?
When you install WordPress your default administrator username will be ”admin”, unless you specify another name. By logging into your WordPress admin account you have full permissions to access the WordPress directories and dashboard, meaning that you can control your entire website. If you don’t change your…
Top 5 WordPress Issues and Vulnerabilities Exploited by Malicious Hackers
Since the end of 2004, the US National Vulnerability Database has recorded 389 types of WordPress issues and vulnerabilities. With more than 73 million websites, WordPress has become one of the most preferred exploitation destinations for attackers across the globe. While WordPress has been continuously…
Mac Malware Underscores Why You Can’t Ignore Web Security Threats
Looks like the Mac is finally getting what’s been coming: Mac Malware. And lots of it just recently with the Flashback infection that apparently impacted up to 700,000 Macs. We’ve all heard it from the Mac bigots: One of the main reasons I use a…
Web Application Firewall (WAF) and the false sense of security
A Web Application Firewall (WAF) is an excellent last line of defense. Based on what I see in my testing they’re great at blocking both automated scans and granular exploits like Cross-Site Scripting and SQL injection. I recommend WAFs to clients all the time. But…there’s…
Acunetix Web Vulnerability Scanner Introduces New Security Check for PHP-CGI Installations
We are pleased to announce an updated build of Acunetix Web Vulnerability Scanner 8 (WVS 8). Build number 20120508 includes a number of new scheduler features, a new security check for PHP-CGI, as well as a series of bug fixes.
How to Configure Secure WordPress Database Permissions
The WordPress database is the most important component of your WordPress website. It contains all the content of your website, such as information about your users and all your posts, etc. In order to access the database, a database user should have specific privileges that…
FAQ: How do I Scan Multiple Websites with Acunetix Web Vulnerability Scanner?
Running multiple instances of Acunetix Web Vulnerability Scanner (WVS) allows you to scan multiple websites simultaneously. Each instance can scan one website at a time – you can have up to two instances of all Acunetix WVS editions or up to ten instances if you…