acunetix_logo_blog_post_100x74

Featured Article

Acunetix WVS v9.5 build 20140902 detects Hibernate Query Injection, Format Strings and more

September 02, 2014 - 11:30am

Acunetix Web Vulnerability Scanner version 9.5 build 20140902 has been updated to include new vulnerability checks, including detection of Hibernate Query Injection, format strings vulnerabilities, MySQL username disclosure and others, including some, in well-known web applications. This new build also ... [+]


Latest WVS v9 build with new DOM XSS checks that can be injected in HTTP GET parameters

Latest Improvements in the Detection of DOM XSS Vulnerabilities

The latest build of Acunetix Web Vulnerability Scanner (Build 20131023) released yesterday, contains important improvements in the detection of DOM XSS vulnerabilities. Our DeepScan technology was also further strengthened in this build. Take the following piece of code for example: … [+]

Acunetix logo

Latest WVS v9 build with new DOM XSS checks that can be injected in HTTP GET parameters

Acunetix Web Vulnerability Scanner version 9, build 20131023 includes new DOM XSS checks for the type of DOM XSS vulnerabilities that can be injected in the HTTP GET parameters. This new build also includes the option to automatically save scan … [+]

AISA 2013

Acunetix and Aquion Participate in AISA National Conference

The 6th annual AISA National Conference, held at the Sydney Exhibition and Convention Centre on 10th October 2013, hosted over 900 experts and professionals from the Information Security industry. Acunetix showcased at the information odyssey-themed event in collaboration with Aquion, … [+]

XSS Vulnerability injected through Google Analytics, executed in IOS's Gmail application

XSS Vulnerability injected through Google Analytics, executed in IOS’s Gmail application

Roy Castillo, a security researcher from the Philippines, identified a cross-site scripting (XSS) vulnerability in the Gmail application for iOS. The vulnerability was found in the mail attachment feature and needed no user interaction to be triggered. In a post … [+]

IT Security Includes Cyber Attack Response

IT Security Includes Cyber Attack Response

Preventing cyber attacks is a dominant topic for IT security.  It is the first layer of defense.  The more attacks prevented the better – no question about it.  However, does great prevention guarantee there will no successful cyber attacks?  Of … [+]

Critical vulnerabilities discovered in Gazelle and TBDEV.net

Gazelle and TBDEV.NET are the most popular web applications used as BitTorrent trackers. A BitTorrent tracker is an application that assists in the communication between peers using the BitTorrent protocol. BitTorrent trackers can be public/open where anybody can join or … [+]

The Default WordPress Administrator Account Is In Use

The Default WordPress Administrator Account Is In Use

Alert group: WordPress default “admin” account exists Acunetix WP Security Plugin test: During this test Acunetix looks for the default admin account in the WordPress user list. Repercussions: With the default WordPress administrator account active, a malicious user does not … [+]

Acunetix Web Vulnerability Scanner v9, build 20131009 includes checks for HTML Injection and the detection of weak passwords in Joomla! and Django

Acunetix Web Vulnerability Scanner version 9, build 20131009 includes checks for HTML Injection, and adds the detection of weak passwords in Joomla! and Django’s Administrative interfaces. In addition, the new build includes the detection of readme documentation files, together with … [+]

On the increasing popularity of JavaScript - Acunetix.

On the Increasing Popularity of JavaScript

Many people think of JavaScript as a way to create interactive and dynamic web pages.   JavaScript gives visitors a great website experience across platforms and across browsers that can be adjusted and tweaked to fit the user’s device, interests, and … [+]

Slow HTTP DoS Attacks and How to Mitigate Them in Apache HTTP Server

How To Mitigate Slow HTTP DoS Attacks in Apache HTTP Server

A Slow HTTP Denial of Service (DoS) attack, otherwise referred to as Slowloris HTTP DoS attack, makes use of HTTP GET requests to occupy all available HTTP connections permitted on a web server. A Slow HTTP DoS Attack takes advantage … [+]