In her 5 December article in The New York Times, “For PC Virus Victims, Pay or Else,” cybersecurity reporter Nicole Perlroth discusses the growing threat of ransomware in the USA. Ransomware is a type of malware that takes your computer hostage, freezing it until you…
An Unhappy New Year – Security Researcher Discloses New Batch of MySQL Vulnerabilities
Earlier this month, on the Security Week website, Steve Ragan published an article about a security researcher who posted several vulnerabilities to the Full Disclosure mailing list – seven of these are MySQL vulnerabilities. The complete list of vulnerabilities is available here. CVE assignments have…
Have a Merry WordPress 3.5 Christmas! Make it Last All Year with Acunetix
The folks over at WordPress released WordPress 3.5 on 11 December. A veritable Christmas present for bloggers and developers, WordPress 3.5 is chock full of new features and improvements. The most dramatic improvement is a re-imagined flow for uploading photos and creating galleries. WordPress 3.5 also includes…
Acunetix Support Availability During the Festive Season
Kindly note that the Acunetix Support Team will operate normally the last week of December 2012 and the first week of January 2013 with the following exceptions: 24 December – open until 6pm CET (GMT +1). 25, 26 December – closed 27 and 28 December…
WordPress Pingback Vulnerability
Recently somebody posted on Reddit about a WordPress scanner that is taking advantage of a new WordPress vulnerability. The vulnerability is abusing the Pingback system, which is a well-known feature that’s used by a lot of bloggers. What is a Pingback? Quoting Wikipedia: A pingback…
New Acunetix WVS Build Includes ISO 27001 Template
We’ve just released a new version of Acunetix WVS version 8 – build 20121213 – which includes several new security checks such as the new module that tests Slow HTTP Denial of Service attacks like Slowloris. We’ve also added a good number of improvements and bug…
Your Scanning Experience Determines Your Scanning Success
You know the saying about riding a bicycle – do it once and you’ll remember it forever? That may be true for bicycles, but it’s certainly not the case when it comes to web security testing. The tools we use and the flaws we’re attempting…
Finding Web Flaws is not Point and Click
Successful web security testing is not as simple as point and click. Unfortunately, many people treat it as such. The thought process goes something like this: 1. Load web vulnerability scanner. 2. Enter URL to scan. 3. Click Go. 4. Generate report for the auditors….
2012 – The Year Hacking Became a Political Weapon
On 30 November Reuters reported that Anonymous will shut down Syrian government websites worldwide to fight the government’s countrywide Internet blackout, which many believe was put into effect to silence opposition to President Bashar al-Assad. According to Martin Chulov of The Guardian, in his 29…