Web vulnerabilities can be split into two distinct groups: technical vulnerabilities and logical vulnerabilities. Technical vulnerabilities can be found by using automated processes, such as scanning a website with a web vulnerability scanner. On the other hand, logical vulnerabilities can only be detected manually. This…
The US National Vulnerability Database was Hacked and Infected with Malware
The US National Vulnerability Database was hacked and infected with malware on the 8th of March 2013. As of today (15th of May 2013), the site from which both black hats and white hats get information about existing software vulnerabilities is still offline. So…
New security checks in Acunetix Web Vulnerability Scanner v8 build 20130308
This new release of Acunetix Web Vulnerability Scanner version 8 – build 20130308 – includes a number of new security tests, most of which are product-specific, as well as various improvements in Cross-Site Scripting (XSS) checks and various bug fixes in the scan scheduler. New Functionality…
Improving WP (WordPress) Security
It is well known that WordPress (WP) is the most popular Content Management System (CMS) on the World Wide Web. Developed with PHP, and powered by MySQL databases, WordPress is used by an astonishing 8.5% of all websites. Web-delivered malware and website cracking are…
Cyber-Espionage Now Considered a Direct Threat to American Economic Interests
Cyber-espionage, particularly for gathering economic intelligence, no longer looms on the horizon – according to the US government it is now a clear and present danger. Ellen Nakashima, a security reporter for The Washington Post, provided a brief summary of the findings of the National…
Acunetix Partner Intouch World to Participate in the Jailbreak Session at Nullcon Goa
International Security Conference Begins 27 February. Acunetix partner Intouch World, a multi-service, professional IT consulting organization based in Bangalore, India, will participate in the Jailbreak Session at Nullcon Goa 2013. Nullcon Goa is an international security conference for CXOs, Security Researchers, IT Professionals and…
Incident Response Plan Template – The Essential Elements
Incident response is the art (and science) of responding to computer security-related breaches. Interestingly, most organizations I deal with don’t have a documented incident response plan. The last thing you want to do during and after a security breach is figure out the best approach…
Better Evaluation with the Latest Acunetix WVS Build
We are pleased to announce a new release of Acunetix Web Vulnerability Scanner version 8 – build 20130205 – which provides a better evaluation experience by reporting all the vulnerabilities that are present in your web application. This new build also includes other minor product…
There’s no Guarantee of Security
When it comes to the web, there’s never a guarantee of complete security. In fact, a clean bill of health doesn’t mean you truly have a clean bill of health. Similar to how a blood test or MRI scan cannot possibly find all health-related problems…