We are pleased to announce a Release Candidate (RC) of the much-awaited Acunetix Web Vulnerability Scanner, version 8. This build fixes issues that were reported during the Beta stages of development and also adds a number of improvements which boost the accuracy of checks and make the scanning process even more intuitive and user friendly. […]
Recently, a project manager I work with asked me if I had manually validated a set of security flaws I uncovered during a web security assessment. The flaws in question were related to the server host and not the actual Web application. I actually had not manually validated every single finding in that regard. I […]
I recently participated in a webinar aimed at helping physical security professionals, corporate security managers and others responsible for both physical and logical security. This is an area of security that doesn’t get near the attention it deserves – especially when it comes to the Web security component.
When someone hacks a website, what are they trying to accomplish? Some just do it for fun while others have more dangerous things in mind and even worse, financial interests. Some hackers like to show off and will maybe replace your home page with a huge announcement that says your site has been defaced. Not […]
A new version of WordPress is available for download. WordPress version 3.3.1 includes a fix for a disclosed reflected cross-site scripting vulnerability reported by Joshua H., Hoang T., Stefan Zimmerman, Chris K and the GoDaddy team. It also includes 15 other fixes for several other bugs. Even though the reflected cross-site scripting vulnerability is hard […]
I’ve had several questions from clients recently on how they can to secure FTP running on their web servers. The easy and short-sighted response would be “Are you nuts? You need to run FTP on a dedicated server!” However, looking at it from a business perspective considering things like money, politics, business process and third-party […]
HTTP authentication adds a secondary layer of WordPress security that protects the admin dashboard — or wp-admin — by requiring the user to submit further authentication. After creating the .htaccess file for protecting the WordPress wp-admin folder, you should create a username and password database file for HTTP authentication. In other words, you simply need to […]
As the BETA program for Acunetix Web Vulnerability Scanner 8 keeps gaining momentum, all the great feedback received from our BETA participants has helped us achieve the BETA 2 milestone. This brings a significant number of improvements to WVS 8, including new usability features, component enhancements, and a series of bug-fixes.
Like chemists, carpenters and doctors, those of us working in IT need good tools if we’re expected to do a good job. When dealing with application security, good security testing tools will always set the professionals apart from the amateurs. In fact, the quality of your tools for performing a site security audit will have […]
Hello WordPress 3.3! The legendary Content Management System (CMS) — or blogging platform for us mortals — has been given a slick update, code-named ‘Sonny’ after the late jazz saxophonist Sonny Stitt. WordPress 3.3 is now available us an automatic update through your WordPress dashboard, or as a separate download from the official WordPress site. […]