Black Hat Infosecurity Report reviewed

Black Hat USA is one of the biggest security events on the global calendar; now in its 18th year, the six-day event is well attended by the security staff of some of the biggest companies, with many having more than 5000 employees. Therefore, this is an excellent place to hold a survey about cyber […]

Is the new OpenSSL vulnerability Heartbleed all over again?

Last Monday, OpenSSL core team member Mark J Cox delivered some grim, but somewhat expected, news on OpenSSL’s mailing list: a new version of OpenSSL is due to be released this Thursday 9th July, fixing a single security defect classified as “high” severity. OpenSSL is a widely used open-source toolkit for implementing the SSL/TLS protocols, […]

Acunetix Web Application Vulnerability Report 2015

A year after the release of the online version of our vulnerability scanner in March 2014, Acunetix have aggregated the findings of over 15,000 scans performed on 1.9 million files over the past 12 months with some interesting results. The report details the most common vulnerabilities found, how often they occurred and which bugs our users […]

Blind Out-of-band Remote Code Execution vulnerability testing added to AcuMonitor

Similar to Blind Out-of-band SQL Injection vulnerabilities, AcuMonitor can now detect Blind Out-of-band Remote Code Execution vulnerabilities. Let’s consider a vulnerable PHP application that contains the following code: $cmd = isset($_GET['1']) ? $_GET['1'] : ''; if ($cmd) { exec('ping -c 1 ' . $cmd); }. This application executes a shell command that is composed from […]

Blind Out-of-band SQL Injection vulnerability testing added to AcuMonitor

Acunetix AcuMonitor is a free intermediary service that helps detect second-order vulnerabilities (i.e. vulnerabilities that do not provide a response to a scanner during testing) during a scan. AcuMonitor made its debut with Acunetix WVS version 9. Since then, we’ve continuously improved the service and the number of vulnerabilities it can detect. With the latest […]
