Telstra reveals Pacnet succumbs to SQLi attack

Telstra, Australia’s largest telephone operating company, revealed yesterday that its internal corporate network Pacnet had been compromised via an SQL Injection attack. So far it is not yet known what exactly was taken from the network, but it is clear that the perpetrators had complete access to the corporate network, including email and admin systems. […]

Read More →

Genericons DOM-based XSS Vulnerability

Hundreds of WordPress themes and plugins that make use of the Genericons package, could be vulnerable to a DOM-based XSS vulnerability affecting millions of WordPress installations. Genericons are versatile vector icons embedded in a webfont from Automattic (the creators of WordPress). The vulnerability resides in the examples.html file included in the Genericons package by default. […]

Read More →

How to configure a Free Scan Target in Acunetix OVS

Acunetix OVS users can configure Free Scan Targets which can be scanned for network vulnerabilities. These can be easily added to your Acunetix OVS account. Login to Acunetix OVS from https://ovs.acunetix.com From Scan Targets, select Add Scan Target Configure the new scan target If you are a customer, select “Free Scan Target (Network Scans Only)” […]

Read More →

What is a “Free Scan Target”?

A “Free Scan Target” is a network server that can be configured in Acunetix OVS and which can be scanned for network vulnerabilities. During the trial, Acunetix OVS users can configure up to 3 scan targets to test Acunetix. These Scan Targets will be automatically converted to Free Scan Targets after the Acunetix OVS trial […]

Read More →

What the Verizon Report 2015 tells us about web app attacks

Verizon’s annual report, now in its eighth year, analyzes breach intelligence and data from multiple sources, including customers of Verizon’s forensics response division and customers of FireEye, the firm that investigated the recent hack of Sony Pictures Entertainment. It also examines data from cases investigated by law enforcement agencies, and from government and industry computer […]

Read More →