Fraud: An Infected Website Is a Commodity

It’s a sad statement to make that anyone can become a hacker, with a few dollars and the right contacts anyone can “order” an infected website.  A simple email will give anyone the means to access credit card numbers, addresses, and all of your personal information.  One blogger went so far as to label this […]

Read More →

VIDEO: web application firewall bypass with a XSS attack

In the following demo video, Sandro Gauci of EnableSecurity shows how an attacker can switch off dotDefender in order to bypass any “protection” offered by the WAF.  Such attack is possible By exploiting a cross-site scripting vulnerability in the log viewer facility of the dotDefender admin interface.  Watch the video below for a more in […]

Read More →

Acunetix WVS helps Digicure discover web vulnerabilities

A proper web security audit is a mixture of automated and manual tests; Acunetix WVS provides a comprehensive tool for automated testing purposes and useful toolbox Digicure can use for manual penetration testing as well.  “The most impressive thing about Acunetix Web Vulnerability Scanner must be how comprehensive the application is. It contains countless features […]

Read More →