Acunetix Vulnerability Scanner Added to UK Government’s G-Cloud 7

Web application security provider extends its services to the UK public sector LONDON, 13 January 2016 – Acunetix, the pioneer in automated web application security software, is pleased to announce its inclusion in the UK Government’s latest G-Cloud procurement framework, G-Cloud 7. Acunetix will offer their Online Vulnerability Scanner as Software-as-a-Service (SaaS), through the Digital […]

Read More →

Meet Acunetix at RSA Conference 2016

Meet us at Acunetix Booth 3227 North Hall Celebrating its 25th Anniversary, RSA® Conference is the leading global info security event, where practical real-world experts discuss cutting-edge solutions and reveal their evolving techniques, practices and concepts on information security. As a proud participant in RSAC, we invite you to join us in San Francisco, February 29 – March 4 where […]

Read More →

New attacks on SHA-1 and MD5 raise urgency for their obsolescence

A pair of researchers from INRIA, the French Institute for Research in Computer Science and Automation, have published an academic paper titled “Transcript Collision Attacks: Breaking Authentication in TLS, IKE, and SSH” in which they describe a series of transcript collision attacks against the ageing SHA-1 and MD5 hashing algorithms as they’re implemented in widely […]

Read More →

WordPress 4.4.1 security release patches XSS vulnerability

A high-severity Cross-site scripting (XSS) vulnerability has been fixed in WordPress’ new 4.4.1 release that is now available for download. In addition to the XSS vulnerability reported by security researcher ‘Crtc4L’, the release includes 51 other non-security bug-fixes. WordPress sites configured to receive automatic updates should be updated within 24 hours automatically, otherwise, ensure that […]

Read More →

In the headlines: Juniper backdoor, BBC hack, Steam attack, UK surveillance bill, and more

Juniper backdoor mystery, NSA are at least partly to blame Last week, tech company Juniper Networks who sell corporate networking solutions, disclosed that they had discovered two unauthorised encryption backdoors in their firewalls. Encryption backdoors will immediately grab attention as one of the surveillance methods the NSA had at one point suggested as allowing them […]

Read More →

Defence in Depth – Final Part – Update software, Isolate services

Update software and components Whether it’s a server’s operating system, a web server, a database server or even a client-side JavaScript library, an application should not be running software with known vulnerabilities. Updating, removing or replacing software or components with known vulnerabilities sounds obvious, but it’s a significant problem that thousands of organizations struggle to […]

Read More →