Do not make the change below unless you are comfortable with phpMyAdmin and making changes to MySQL. If not, ask someone who is familiar with WordPress and MySQL to assist you. Also, back up your blog; it is of utmost importance that before making any changes to your WordPress installation or database, to back up the whole […]
A good web application security environment is one that balances security with convenience. Nothing more and nothing less; just the security that’s needed to keep things reasonably in check. But just how much is enough? All too often I see websites and applications with too little security while others have too much – namely “security […]
In the previous article, The Rise of the Backdoored WordPress Plugins, I discussed the ever-growing threat to WordPress security in the form of compromised plugins. As promised, here are the changes made by attackers to the popular plugins, WPtouch, W3 Total Cache and AddThis. WPtouch This backdoor is using some advanced PHP tricks. It’s masked […]
Alarming results have been announced following a recent survey conducted by the Ponemon Research Institute and Juniper Networks. In their survey, 583 American companies were interviewed on security related questions. The result seems to correlate with what we have been seeing in the media during the past year; hackers are nearly always successful in their […]
In this video we focus on the advanced penetration testing tool, HTTP Editor Tool, that is bundled with Acunetix Web Vulnerability Scanner. We begin by hacking a website using a source code disclosure vulnerability that was discovered using Acunetix Web Vulnerability Scanner and proceed to explain how we did the hack and how the HTTP […]
One of the things I’ve learned throughout my career is that many solutions to the problems we face in IT, security and software development can be solved if we simply turn to business leaders to see how it’s done. In particular, I’m talking about a practice called zero-based thinking. A tool that’s been around for […]
It all started a few months ago when I was visiting Lester Chan’s website looking for some information about one of his plugins. Lester Chan has written a good number of very popular WordPress plugins that are used by millions of people. Some of the most popular ones are WP-PageNavi, WP-DBManager, WP-PostRatings, WP-Polls and WP-PostViews. While […]
Sega Corporation has joined the increasingly long list of video game companies to suffer a data breach. In an email sent to members of its Sega Pass service, it admitted that the user accounts of almost 1.3 million users had been compromised.
We are pleased to announce a new system to record feature requests, which allows feature ideas to be voted upon and thus makes it much easier for us to see the most requested features. Furthermore, we can provide feedback more easily as ideas can be more easily tracked and commented on by the Acunetix team. […]
One lucky Acunetix Facebook follower will be selected at random to win an iPad 2!