Server Side Request Forgery (SSRF)

A Server Side Request Forgery (SSRF) attack gives an attacker the ability to use your web application to send requests to other applications running on the same machine, or to other servers which can be on the same or on a remote network. Since the requests are being piggybacked via your server, the target might […]

Read More →

Automatic detection of XXE vulnerabilities in OpenID implementations using Acunetix AcuMonitor

Reginaldo Silva recently uncovered a very interesting bug affecting Facebook (and received $33,500 for this discovery). The bug is caused by improper handling of XML documents in OpenID implementations causing XML External Entity Expansion vulnerabilities. He mentioned in his article that many OpenID implementations/libraries are affected by this bug. I was curious to learn more […]

Read More →

Acunetix Web Vulnerability Scanner v9, build 20140206 includes several new tests for vulnerabilities on well-known web applications

Acunetix Web Vulnerability Scanner version 9, build 20140206 is able to scan WordPress more efficiently, and includes various new checks for vulnerabilities in well-known systems such as MediaWiki, IBM Web Content Manager, Joomla! and Oracle. New Functionality in Acunetix Web Vulnerability Scanner v9 Added a test for Joomla! JomSocial component < 3.1.0.1 – Remote code […]

Read More →

Systex IT Technology Forum

Organized by Systex, a leading IT services provider in Taiwan, the IT Technology Forum was held on the 12th of December 2013. The event was a next generation and security technology seminar aimed at introducing the latest technologies to the IT community. Acunetix was exhibited by product manager Mr Arthur Yu, who was available for […]

Read More →

Acunetix Web Vulnerability Scanner v9, build 20131216 includes a new PCI 3.0 compliance report and several new tests

Acunetix Web Vulnerability Scanner version 9, build 20131216 includes a new compliance report to cover the latest version of the PCI DSS Regulations. In addition, this new build checks for several vulnerabilities in various systems including Ruby on Rails, Zend Framework, Nginx and WordPress. New Functionality Added a new Compliance Report Template for PCI 3.0 […]

Read More →

USA Roadshow and OWASP AppSec 2013

Acunetix, organized a series of free workshops in St. Louis and New York City in November 2013. This culminated in Acunetix’s participation at OWASP AppSec USA – the premier North American OWASP conference – at the Marriott Marquis in Time Square, New York. The workshops proved to be a success, particularly in New York around OWASP […]

Read More →

Acunetix Announces Beta Release of Online Vulnerability Scanner

MALTA, 4 December 2013- Acunetix today announced the beta release of its latest product, Acunetix Online Vulnerability Scanner. Responsive, scalable and centralised with unmatched deep crawling and scanning capabilities, Acunetix Online Vulnerability Scanner promises to help businesses of any size protect their websites, web applications and web servers through an easy-to-use and intuitive web-based solution. […]

Read More →

Acunetix Exhibited at GITEX Technology Week 2013

Comguard, an official Partner for Acunetix Web Vulnerability Scanner based in the United Arab Emirates, participated in the GITEX exhibition held between October 20th and October 24th 2013 at the Dubai World Trade Centre. Acunetix was showcased as one of the key vendors for Comguard at one of the largest ICT business gatherings in the world, […]

Read More →