acx_logo

Featured Article

More comprehensive scanning with Acunetix WVS v9.5 – Part I

May 05, 2014 - 08:15am

In these 2 articles, I will be detailing the new functionality introduced in Acunetix WVS version 9.5. An important update introduced in the new version of Acunetix WVS is full JSON and XML support. If you are scanning a web ... [+]


Critical vulnerabilities discovered in Gazelle and TBDEV.net

Gazelle and TBDEV.NET are the most popular web applications used as BitTorrent trackers. A BitTorrent tracker is an application that assists in the communication between peers using the BitTorrent protocol. BitTorrent trackers can be public/open where anybody can join or … [+]

The Default WordPress Administrator Account Is In Use

The Default WordPress Administrator Account Is In Use

Alert group: WordPress default “admin” account exists Acunetix WP Security Plugin test: During this test Acunetix looks for the default admin account in the WordPress user list. Repercussions: With the default WordPress administrator account active, a malicious user does not … [+]

Acunetix Web Vulnerability Scanner v9, build 20131009 includes checks for HTML Injection and the detection of weak passwords in Joomla! and Django

Acunetix Web Vulnerability Scanner version 9, build 20131009 includes checks for HTML Injection, and adds the detection of weak passwords in Joomla! and Django’s Administrative interfaces. In addition, the new build includes the detection of readme documentation files, together with … [+]

On the increasing popularity of JavaScript - Acunetix.

On the Increasing Popularity of JavaScript

Many people think of JavaScript as a way to create interactive and dynamic web pages.   JavaScript gives visitors a great website experience across platforms and across browsers that can be adjusted and tweaked to fit the user’s device, interests, and … [+]

Slow HTTP DoS Attacks and How to Mitigate Them in Apache HTTP Server

How To Mitigate Slow HTTP DoS Attacks in Apache HTTP Server

A Slow HTTP Denial of Service (DoS) attack, otherwise referred to as Slowloris HTTP DoS attack, makes use of HTTP GET requests to occupy all available HTTP connections permitted on a web server. A Slow HTTP DoS Attack takes advantage … [+]

Slowloris detection in AWVS

Why You Need To Pay Attention To The Slow HTTP Attack

Okay, I admit, I haven’t been stressing enough to people just how critical the Slow HTTP vulnerability really is. The Slow HTTP flaw is present on practically every Apache-based system I test and can facilitate denial of service (DoS) conditions … [+]

The Role Of An Automated Web Security Scanner In A Holistic Web Security Audit

The Role Of An Automated Web Vulnerability Scanner In A Holistic Web Security Audit

Easily two-thirds of the value of any given web vulnerabilities assessment comes from the use of automated web vulnerability scanners. At least that’s been my experience. I certainly don’t have the knowledge – or the time – to manually track … [+]

Why Management Still Doesn't Get Web Security

Why Management Still Doesn’t Get Web Security

Having worked in IT for nearly two and a half decades, I’ve certainly seen my share of blame and abuse thrown the way of IT. Whether the network is down or the application is unavailable, people immediately assume that whatever … [+]

Top 5 Information Security Trends in 2013

Top 5 Information Security Trends in 2013

It’s always tricky to write about “top trends” especially in information security given that things are always in a state of flux. Yet still I can’t help but think about several key areas that you and I must keep our … [+]

How Your Web Presence is Throwing You Out Of Compliance

How Your Web Presence is Throwing You Out Of Compliance

Don’t you hate it when you’re chugging along, minding your own business, doing what you believe to be the right things in business then whammo, an oversight catches you off guard? Take, for instance, a compliance violation that comes up … [+]