acunetix_logo_blog_post_100x74

Featured Article

Acunetix WVS v9.5 build 20140902 detects Hibernate Query Injection, Format Strings and more

September 02, 2014 - 11:30am

Acunetix Web Vulnerability Scanner version 9.5 build 20140902 has been updated to include new vulnerability checks, including detection of Hibernate Query Injection, format strings vulnerabilities, MySQL username disclosure and others, including some, in well-known web applications. This new build also ... [+]


Top 10 Insider Threats and How to Protect Yourself

Insider Threats: Dealing with the Enemy Inside

For companies, threats come from two sources—outside the organization and inside (reads: disgruntled, unethical employees). Insider threats can be very difficult to handle and the number of annual incidents is on the rise. The insider threat can come in several … [+]

breach-attack-acunetix-vulnerability-scanner

BREACH attack

The BREACH attack, abbreviated from Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext, is an attack similar to the CRIME attack. Both attacks are compression side channel attacks, however CRIME targets information compressed in HTTP requests through TLS compression, … [+]

The importance of Internal Web Security Assessments

The importance of Internal Web Security Assessments

What do things look like on the outside? That’s the main focus we have as human beings. But beauty is only skin deep. As with relationships and leaked NSA documents, we quickly discover that what’s on the inside is just … [+]

Service Side Request Forgery (SSRF) Attack Alert in Acunetix

Server Side Request Forgery (SSRF)

A Server Side Request Forgery (SSRF) attack gives an attacker the ability to use your web application to send requests to other applications running on the same machine, or to other servers which can be on the same or on … [+]

Automatic detection of XXE vulnerabilities in OpenID implementations using Acunetix AcuMonitor

Automatic detection of XXE vulnerabilities in OpenID implementations using Acunetix AcuMonitor

Reginaldo Silva recently uncovered a very interesting bug affecting Facebook (and received $33,500 for this discovery). The bug is caused by improper handling of XML documents in OpenID implementations causing XML External Entity Expansion vulnerabilities. He mentioned in his article … [+]

Acunetix logo

Acunetix Web Vulnerability Scanner v9, build 20140206 includes several new tests for vulnerabilities on well-known web applications

Acunetix Web Vulnerability Scanner version 9, build 20140206 is able to scan WordPress more efficiently, and includes various new checks for vulnerabilities in well-known systems such as MediaWiki, IBM Web Content Manager, Joomla! and Oracle. New Functionality in Acunetix Web … [+]

Systex 2013 resized

Systex IT Technology Forum

Organized by Systex, a leading IT services provider in Taiwan, the IT Technology Forum was held on the 12th of December 2013. The event was a next generation and security technology seminar aimed at introducing the latest technologies to the … [+]

Acunetix logo

Acunetix Web Vulnerability Scanner v9, build 20131216 includes a new PCI 3.0 compliance report and several new tests

Acunetix Web Vulnerability Scanner version 9, build 20131216 includes a new compliance report to cover the latest version of the PCI DSS Regulations. In addition, this new build checks for several vulnerabilities in various systems including Ruby on Rails, Zend … [+]

New security tests added to Acunetix Web Vulnerability Scanner

New Security Checks Added to Acunetix Web Vulnerability Scanner

The latest build of Acunetix Web Vulnerability Scanner includes a lot of changes and new security tests. Here is a short summary of the most interesting tests we’ve just added. 1. Vulnerable JavaScript libraries Acunetix Web Vulnerability Scanner can now identify … [+]

US Roadshow

USA Roadshow and OWASP AppSec 2013

Acunetix, organized a series of free workshops in St. Louis and New York City in November 2013. This culminated in Acunetix’s participation at OWASP AppSec USA – the premier North American OWASP conference – at the Marriott Marquis in Time Square, … [+]