What the Verizon Report 2015 tells us about web app attacks

Verizon’s annual report, now in its eighth year, analyzes breach intelligence and data from multiple sources, including customers of Verizon’s forensics response division and customers of FireEye, the firm that investigated the recent hack of Sony Pictures Entertainment. It also examines data from cases investigated by law enforcement agencies, and from government and industry computer […]

Read More →

WordPress 4.2.1 Security Release addresses yet another XSS vulnerability

Yesterday, WordPress announced another security release, urging all users to update all WordPress installations immediately. WordPress Security Release 4.2.1 fixes yet another Stored Cross Site Scripting (XSS) vulnerability, which allows an unauthenticated user to inject JavaScript in WordPress comments. The injected script can be affect both WordPress users and WordPress administrators, and therefore this vulnerability is […]

Read More →

Critical XSS vulnerability addressed in latest WordPress update

Yesterday, WordPress 4.1.2 was released. This is a very important security release, which addresses a critical cross-site scripting (XSS) vulnerability, which could allow an anonymous user to compromise a WordPress site.  The security release also addresses 3 other vulnerabilities affecting previous releases of WordPress. In WordPress 4.1 and higher, files with invalid or unsafe names […]

Read More →

Acunetix Dishes Out Security Solution to Catertrax

Catertrax, one of Acunetix’ valued clients, have recently provided us with a case study of their use of the scanner and how it helps them to maintain their security and reassure their customers. ‘Acunetix has helped make our application stronger and given our clients the assurance that their data is safe.’ Benjamin De Point, VP […]

Read More →

Acunetix represented at national conference in Portugal

On 9, 10 April Acunetix partner RedShift consulting participated in the 1st NATO Cyber Defence Projects’s Conference “A Smart Approach to a Smarter Cyber Defence” in Portugal. The event aimed to enhance and reinforce international cooperation by stimulating the involvement of academia and industry at the NATO and National Cyber Defence capability development processes. RedShift Consulting were a Gold […]

Read More →

Acunetix detects new critical IIS server vulnerability CVE-2015-1635 (MS15-034)

Yesterday was Patch Tuesday – Microsoft’s monthly rendezvous with all administrators wanting to keep their Microsoft products up to date with all security patches. This was no ordinary Patch Tuesday for web administrators. MS15-034 contains a CRITICAL security update for Microsoft IIS which addresses a remote code execution vulnerability, CVE-2015-034, which in simple terms, allows an attacker […]

Read More →

Heartbleed still affecting over 70% of top organisations

Despite first being disclosed in April of 2014, it seems that many of the top global organisations are still exposed to the Heartbleed vulnerability. In reports from threat intelligence agencies and the University of Maryland, estimates of susceptibility among the top 2000 global organisations ranges between 70 and 85%. While it’s believed many of these […]

Read More →

Acunetix Network Scans defend against Trojans and Backdoors

The task of keeping the systems running on the network perimeter and all the services exposed on the internet is substantial and ongoing. Considering that most network admins are time-starved, they can’t always be blamed for missing the latest security update for their software. A network security scan from the online version of Acunetix Vulnerability Scanner […]

Read More →