Earlier on this year, a report from SANS institute showed that two of the twenty five most dangerous programming errors, led to more than 1.5 million website security breaches in 2008. The report is a joint effort from more than 30 US and international cyber…
Web Application Firewalls do not replace secure development and operation of web applications
In eval($WAF); whitepaper, L. Nothdurfter, W.Neudorfer and M. Kirchner from the University of Applied Sciences Upper Austria, explain in detail how they evaluated the capabilities of some leading WAFs (web application firewall), and concluded that although a WAF can raise the security level, secure development…
Every website is a target; hacktivism
As stated in previous blog posts, hackers don’t just hack websites to steal online databases and credit card details. Hacktivism, where innocent websites are defaced from malicious users to transmit their political view or opinion, is on the increase. In many major world political events,…
U.S. Dept. of Defence publishes attack details of two successful U.S. Army web servers’ breaches
Department of Defence and other investigators, are investigating two U.S. Army web server breaches which were never publicly disclosed. On 19th September 2007, and 26th January 2008, a Turkish hacker group known as “m0sted” successfully probed 2 U.S. Army web servers, by running a SQL…
New Acunetix WVS Version 6.5 sets new standards in web vulnerability scanning
We are proud to announce the launch of Acunetix Web Vulnerability Scanner Version 6.5. With this new version, we introduced the new ‘file upload forms vulnerability checks’. Acunetix is the industry’s first and only Web Vulnerability Scanner to scan web applications for this type of…
New Acunetix WVS 6.5 sets new standards in web vulnerability scanning
Unique Acunetix WVS vulnerability checks save businesses time, money and embarrassment London 20th May 2009 – Acunetix (www.acunetix.com), a pioneer in web application security scanning technology, has announced new ‘file upload forms vulnerability checks’ in version 6.5, an industry first and only Web Vulnerability Scanner…
Implementing a web application firewall is not enough to secure web applications
As demonstrated during an OWASP Europe 2009 presentation, WAFs (web application firewalls) also have vulnerabilities. Sandro Gauci (founder and CSO for EnableSecurity) and Wendel Henrique (member of SpiderLabs) showed how an attacker can easily identify and bypass several well known web application firewalls using XSS…
Acunetix WVS Version 6.5 BETA is available for download
Acunetix is proud to announce the launch of the BETA version of the upcoming Acunetix WVS Version 6.5. With this latest version, Acuntix is launching a new set of checks which check for vulnerabilities in file upload forms. To date, Acunetix WVS Version 6.5 is…
Learning from other’s mistakes: Twitter Security
Unless you have been sleeping under a stone for the past four years then you must have heard about Twitter in some way or another. The original idea behind Twitter was to provide a social network where everyone can tell followers what he or she…