Acunetix Web Vulnerability Scanner Voted Windowsecurity.Com Readers’ Choice Award Winner for the third time in a row London, UK – 25 February 2010 – Leading Windows Security resource site, WindowSecurity.com, announced today that Acunetix Web Vulnerability Scanner was selected the winner in the Web Application Security…
Acunetix WVS Version 6.5 build 20100210 released
An updated build of Acunetix WVS Version 6.5 has been released. This build addresses a number of bug fixes , an updated Acunetix Firefox extension and a new security check. New Security Check: Test for Cross Site Scripting in the Referrer header Improvement: Acunetix Firefox…
Authenticated XSS – problem or not?
Obviously, cross-site scripting (XSS) is a big problem on the public Web. But there’s another angle to XSS that no one seems to be talking about – at least I’m not seeing anything on it. It’s the issue of XSS on Web pages that are…
Latest Comparison Report from Larry Suto
Last week, Larry Suto published a report entitled “Accuracy and Time Costs of Web Application Security Scanner Report”. I’ve started to investigate in detail the results from this report. And I’ve found a list of inaccuracies. Here is a direct quote from his paper: Methodology…
Get sued for Malware Distribution
It’s becoming quite clear that this is an age of increased malware and security threats. The news is becoming more and more flooded with these kinds of reports and many of them are from reputable companies that end up looking stupid because of a vulnerability…
FAQ: Can I scan a website that uses URL rewrite without specifying URL rewrite rules in Acunetix WVS?
Although it is not a suggested operation, yes, you can still scan a website which has URL rewrite enabled without specifying any URL rewrite rules in Acunetix Web Vulnerability Scanner. Unlike other scanners, Acunetix WVS will advise you once it detects that the target website…
Acunetix WVS Version 6.5 build 20100203 released
An updated build of Acunetix WVS Version 6.5 has been released with a number of new security checks, improvements and bug fixes. New security checks: 8.3 DOS filename source code disclosure Apache Tomcat Directory Host Appbase authentication bypass vulnerability Apache Tomcat WAR File directory traversal…
Malware Scanning – Customer Scenario
Malware… Yes, its been around for many years. However the attack vector has changed. Long ago the primary distribution method was by sharing dirty data (yes, exchanging floppy disks….remember those days?! Then it went onwards into distributing viruses and malware via email (this is the…
e107 CMS system website compromised
As part of my job here at Acunetix, from time to time I analyze source code looking for security problems. Using this information I adjust Acunetix WVS to detect these problems automatically (when it’s possible). Monday, I downloaded e107 from e107.org and started analyzing the…