Linux Kernel Vulnerability and how to fix it
A flaw in the Linux Kernel has made big news lately, labelled as a local privilege escalation vulnerability. In fact, the company ‘Perception Point’, which released news of the flaw, is under criticism as after reporting it…
Security Scorecard Survey Shows Retail Seriously Underperforming in Web Application Security
While not in the worst-performing sector for security, retail is one of the biggest targets for attackers, and a number of breaches hit the headlines in 2015, the best known being chain store Target. As retailers process a large volume of payments,…
Acunetix Added to UK Government’s G-Cloud 7
Web application security provider extends its services to the UK public sector. LONDON, 13 January 2016 – Acunetix, the pioneer in automated web application security software, is pleased to announce its inclusion in the UK Government’s latest G-Cloud procurement framework, G-Cloud 7. Acunetix will offer…
Meet Acunetix at RSA Conference 2016
Meet us at Acunetix Booth 3227, North Hall. Celebrating its 25th Anniversary, RSA® Conference is the leading global info security event, where practical real-world experts discuss cutting-edge solutions and reveal their evolving techniques, practices and concepts on information security. As a proud participant in RSAC, we invite you to…
New attacks on SHA-1 and MD5 raise urgency for their obsolescence
A pair of researchers from INRIA, the French Institute for Research in Computer Science and Automation, has published an academic paper titled “Transcript Collision Attacks: Breaking Authentication in TLS, IKE, and SSH” in which they describe a series of transcript collision attacks against the ageing…
WordPress 4.4.1 security release patches XSS vulnerability
A high-severity Cross-site scripting (XSS) vulnerability has been fixed in WordPress’ new 4.4.1 release that is now available for download. In addition to the XSS vulnerability reported by security researcher ‘Crtc4L’, the release includes 51 other non-security bug-fixes. WordPress sites configured to receive automatic updates…
In the headlines: Juniper backdoor, BBC hack, Steam attack, UK surveillance bill, and more
Juniper backdoor mystery, NSA are at least partly to blame. Last week, tech company Juniper Networks, who sell corporate networking solutions, disclosed that they had discovered two unauthorised encryption backdoors in their firewalls. Encryption backdoors will immediately grab attention as one of the surveillance methods…
Authenticated scans more effective! How?
The majority of web applications today make use of a login mechanism where the user must supply a set of credentials in order to navigate to authenticated areas of the web application. This allows access to restricted content and content that is customised to the…
Website hack: Help, my website has been hacked! What to do now?
Here we identify 4 practical steps SMEs can plan for and implement when they become a victim of a website hack. With the massive growth in cyber-crime, it’s a sad fact that it’s highly likely to become a question of ‘when’ rather than ‘if’. Below…