Featured Article

More comprehensive scanning with Acunetix WVS v9.5 – Part I

May 05, 2014 - 08:15am

In these 2 articles, I will be detailing the new functionality introduced in Acunetix WVS version 9.5. An important update introduced in the new version of Acunetix WVS is full JSON and XML support. If you are scanning a web ...


In-depth analysis of a PHP attack that lead to Apple information disclosure

Recently over 100,000 Apple customers were affected by an information gathering attack on the AT&T website. Security experts blame this breach on “poorly designed software”. An analysis of the attack reveals that the hackers did indeed use a classic attack, in fact…

Seven Signs You’re Not Ready to Run a Web Vulnerability Scan

Looking to hop aboard the Web vulnerability scanning bandwagon to see just how vulnerable your Web site or application really is? Well, not so fast. Here are some signs you’re not ready to begin just yet: 1. You don’t have …

Could BP Learn from the Malware Attacks on recent hosts?

As I watch the debacle unfold in what is quickly becoming widely known as one of the world’s worst environmental disasters – I watch with interest the actions of Mr. Hayward – the CEO and point man for the BP …

Web application contingency plans - the missing link in Web security?

Why are Web applications out of the loop when it comes to contingency planning? Look at any given security incident response or disaster recovery plan (assuming they even exist) and chances are business critical Web applications and related systems are …

Fraud: An Infected Website Is a Commodity

It’s a sad statement to make that anyone can become a hacker, with a few dollars and the right contacts anyone can “order” an infected website. A simple email will give anyone the means to access credit card numbers, addresses, …

Consider outside of the box for security - It can be exposing

In the past few days, a site selling Durex condoms has had a small ‘exposure’ problem. As reported, the site had been suffering (time length unknown) from several basic security exposures, including even allowing orders to be viewed online, without …

VIDEO: web application firewall bypass with a XSS attack

In the following demo video, Sandro Gauci of EnableSecurity shows how an attacker can switch off dotDefender in order to bypass any “protection” offered by the WAF. Such an attack is possible by exploiting a cross-site scripting vulnerability in the log …

FAQ: Should I scan a website through a web application firewall?

Unfortunately, security scans are frequently launched against a website or web application sitting behind a web application firewall, or some other kind of web security gateway device. A website audit performed for a website through a “man in the middle” device …

Third Annual Meetings of Heads of Information Systems Security RSSI'2010

Acunetix reseller Hat Web Security Labs will be exhibiting Acunetix WVS in the Third Annual Meetings of Heads of Information Systems Security RSSI’2010. The event will take place between 3rd and 4th of June 2010 at the Cyber Parc Elgazala, …

Acunetix WVS helps Digicure discover web vulnerabilities

A proper web security audit is a mixture of automated and manual tests; Acunetix WVS provides a comprehensive tool for automated testing purposes and a useful toolbox Digicure can use for manual penetration testing as well. “The most impressive thing about …