New Acunetix WVS V6.5 build; better support for CAPTCHA and modern authentication mechanisms

With the release of Acunetix WVS Version 6.5 latest build; 20090728 (https://www.acunetix.com/support/build-history.htm), we announce that Acunetix WVS has better support for web applications with CAPTCHA, single sign-on and Two factor authentication mechanisms. ¬†Thanks to the new ‘Manual Intervention’ module, IT security professionals can now save valuable time when securing web applications, since much less manual […]

Read More →

VIDEO: Meeting PCI DSS requirements with Acunetix

Unlike web application firewalls, Acunetix Web Vulnerability Scanner focuses on fixing web security problems, whether than preventing them from happening. Acunetix WVS helps in detecting cross site scripting, sql injections and other web vulnerabilities before the web application is exposed on the internet, during its development cycle. When implementing a web application firewall, only PCI […]

Read More →

OpenX 2.6.4 vulnerabilities were identified with Acusensor

If you are making use of OpenX, the following update fixes a number of security flaws that were identified when we made use of Acunetix WVS with the Acusensor technology enabled. Released an advisory detailing these vulnerabilities here. The SQL injection vulnerabilities abuse an INSERT statement and therefore an attacker, or normal web application scanner […]

Read More →

A quick security analysis of Facebook’s Album Privacy

Most social networking sites have privacy options which allow users to share photo albums with selected people or groups. Such features encourage end users to upload possibly compromising photos, for example photos of last night’s party. The idea is that it is acceptable to share certain photos with your friends, but not with your future […]

Read More →

Acunetix WVS Scripting reference available

With Acunetix WVS version 6, Acunetix introduced a Port Scanner and Network Alerts. When scanning a website, a port scan against the web server can be launched (optional) and once open ports are found specific network security tests are launched against the network service running on that port. A full range of tests are available, […]

Read More →

Running AcuSensor Injector on Windows Server 2008

If you try to run AcuSensor Injector on Windows Server 2008 you will receive the error “Error populating websites, Unknown error (0x80005000)”. AcuSensor Injector is using Active Directory Service Interfaces (ADSI) to construct a list of websites and virtual directories. ADSI is not available by default on Windows Server 2008. To solve this problem you […]

Read More →