Acunetix

Web Security Vulnerabilities Exposed by Google Searches (Google Hacking)

Chrysostomos Daniel — Fri, 24 May 2013 08:07:54 +0000

Google Hacking is a hacking technique used by hackers to identify web security vulnerabilities on web applications or gather information for general or individual targets. Mostly this information includes configuration and source code files, sensitive data, database information, etc. This ... [+]

The post Web Security Vulnerabilities Exposed by Google Searches (Google Hacking) appeared first on Acunetix.

Responding to DoS attacks at the web layer

Kevin Beaver — Wed, 15 May 2013 12:40:43 +0000

Are you ready to respond to DoS attacks at the web layer? In this article, Kevin Beaver shares an anecdote from his own experience whilst highlighting some important steps to take. First things first; responding to DoS attacks at the ... [+]

The post Responding to DoS attacks at the web layer appeared first on Acunetix.

Scanning a Template-based Website Using Acunetix WVS

Mark Flores Martin — Fri, 26 Apr 2013 10:03:09 +0000

Scanning a large website very often takes a long time. Using the default settings, Acunetix Web Vulnerability Scanner will first try to identify all the pages using various crawling techniques, and will then proceed to scan the pages that have ... [+]

The post Scanning a Template-based Website Using Acunetix WVS appeared first on Acunetix.

WordPress Caching Plugins Remote PHP Code Execution

Bogdan Calin — Tue, 23 Apr 2013 13:20:39 +0000

Two very popular WordPress caching plugins: WP Super Cache (4,373,811 downloads) and W3 Total Cache (1,975,480 downloads) have been affected by a vulnerability that allows remote users to execute arbitrary PHP code. The affected versions are: WP Super Cache (version 1.2 and below, ... [+]

The post WordPress Caching Plugins Remote PHP Code Execution appeared first on Acunetix.

WordPress Attack Vectors and Open Amazon S3 Buckets Identified by Acunetix WVS

Bogdan Calin — Thu, 18 Apr 2013 12:03:56 +0000

Recently there were a lot of news reports about an ongoing attack on sites using WordPress software. Attackers are using around 90,000 computers to try to brute force WordPress credentials. All these servers are trying common account names like admin, administrator, ... [+]

The post WordPress Attack Vectors and Open Amazon S3 Buckets Identified by Acunetix WVS appeared first on Acunetix.

New WordPress Checks in Acunetix Web Vulnerability Scanner v8 build 20130416

Nicholas Sciberras — Thu, 18 Apr 2013 11:18:47 +0000

This new release of Acunetix Web Vulnerability Scanner version 8, build 20130416, includes new and improved vulnerability checks which target WordPress installations, web applications hosted on Amazon S3, various other web applications. New Functionality Added a test that enumerates valid ... [+]

The post New WordPress Checks in Acunetix Web Vulnerability Scanner v8 build 20130416 appeared first on Acunetix.

The Risks Associated with Third-Party Software Components

Kevin Beaver — Tue, 16 Apr 2013 12:55:07 +0000

I was recently contacted by a colleague in an information security leadership position who was concerned about his developers using some third-party plug-ins for an enterprise application they were rolling out. His developers wanted to install these third-party components in ... [+]

The post The Risks Associated with Third-Party Software Components appeared first on Acunetix.

What Happens when you can’t Find Every Web Vulnerability?

Kevin Beaver — Tue, 09 Apr 2013 14:37:17 +0000

On one end of the application security and IT audit spectrum we have people that overlook the obvious and critical stuff. But just as dangerously, on the other end of the spectrum we have people who want us to find ... [+]

The post What Happens when you can’t Find Every Web Vulnerability? appeared first on Acunetix.

Is Your Security Appliance Hackable?

Robert Abela — Mon, 01 Apr 2013 12:26:16 +0000

In the late 90’s, businesses embraced the internet; they connected their networks and servers to the internet so their data can be accessed from anywhere around the world. This was a new era that gave businesses the opportunity to grow ... [+]

The post Is Your Security Appliance Hackable? appeared first on Acunetix.

Acunetix WVS Update 20130308 – New Security Tests

Bogdan Calin — Mon, 01 Apr 2013 09:26:39 +0000

Apart from the usual bug fixes / new functionality, each Acunetix WVS update generally includes new vulnerability tests or an improvement to existing checks. In this post, I would like to summarize the new security tests added in the latest ... [+]

The post Acunetix WVS Update 20130308 – New Security Tests appeared first on Acunetix.