Did you know that there are risks associated with third-party software?

The Risks Associated with Third-Party Software Components

I was recently contacted by a colleague in an information security leadership position who was concerned about his developers using some third-party plug-ins for an enterprise application they were rolling out. His developers wanted to install these third-party components in … [+]

What do you do when you can't find every web vulnerability?

What Happens when you can’t Find Every Web Vulnerability?

On one end of the application security and IT audit spectrum we have people that overlook the obvious and critical stuff. But just as dangerously, on the other end of the spectrum we have people who want us to find … [+]

Make sure if your security appliance is hackable or not with Acunetix

Is Your Security Appliance Hackable?

In the late 90’s, businesses embraced the internet; they connected their networks and servers to the internet so their data can be accessed from anywhere around the world. This was a new era that gave businesses the opportunity to grow … [+]

The Thinking Man - a new blog post from Acunetix

Logical and Technical Vulnerabilities – What they are and how can they be detected?

Web vulnerabilities can be split into two distinct groups; Technical Vulnerabilities and Logical Vulnerabilities. Technical vulnerabilities can be found by using automated processes, such as scanning a website with a web vulnerability scanner. On the other hand, logical vulnerabilities can … [+]

The US National Vulnerability Database was hacked on 8th March 2013

The US National Vulnerability Database was Hacked and Infected with Malware

The US National Vulnerability Database has been hacked and infected with malware on the 8th of March 2013. Until today, the same place from where both black hats and white hats get information about existing software vulnerabilities, is still offline … [+]

Incident Response Plan Template – The Essential Elements

Incident Response Plan Template – The Essential Elements

Incident response is the art (and science) of responding to computer security-related breaches. Interestingly, most organizations I deal with don’t have a documented incident response plan. The last thing you want to do during and after a security breach is … [+]

How to set (and keep) your web security goals for 2013

How to Set (and Keep) Your Web Security Goals for 2013

Can you believe it’s time again for those New Year’s resolutions? It’s always great to start the New Year with a fresh set of to-do items that you’re finally going to get around to doing. The problem, however, is that … [+]

How does ransomware affect you?

Don’t Be Held For Ransom with Ransomware

In her 5 December article in The New York Times, “For PC Virus Victims, Pay or Else,” cybersecurity reporter Nicole Perlroth discusses the growing threat of ransomware in the USA. Ransomware is a type of malware that takes your computer … [+]

The Acunetix Team have found a pingback vulnerability in the new WordPress 3.5 build

WordPress Pingback Vulnerability

Recently somebody posted on Reddit about a WordPress scanner that is taking advantage of a new WordPress vulnerability. The vulnerability is abusing the Pingback system, which is a well-known feature that’s used by a lot of bloggers. What is a … [+]

Practice Makes Perfect

Your Scanning Experience Determines Your Scanning Success

You know the saying about riding a bicycle – do it once and you’ll remember it forever? That may be true for bicycles, but it’s certainly not the case when it comes to web security testing. The tools we use … [+]