American Express website vulnerable… again!

A few days ago a Cross-site-scripting vulnerability was discovered and reported on the American Express Site. A XSS vulnerability can allow attackers to steal user authentication cookies from americanexpress.com, thus leading to an account hijack. As web-security consultant Joshua D.Abraham said, web developers addressed only…

Read more

What do American Express and Facebook have in common?

Cross Site Scripting seems to be the word of the past few days with high profile sites getting featured on the technology news sites. ZDNet reported how Facebook just fixed four XSS security flaws affecting their developer’s page, the iPhone login page, the new users…

Read more

Facebook Worm on the Loose

A worm abusing Facebook‘s messaging system is making rounds between friends. It consists of an executable worm known as Koobface that runs on the victim’s computer and searches for Facebook cookies on his or her computer. It will then use these cookies to hijack an…

Read more

Acunetix Launches Free Cross Site Scripting Security Scanner

Organizations now able to protect their websites from growing threat of Cross Site Scripting vulnerabilities London, UK – 4 September, 2007 – Acunetix today launched a Trial Edition of its popular web vulnerability scanner, which allows companies to check for cross site scripting vulnerabilities in their…

Read more

Can you afford to pay $500K in fines?

New version 5 of Acunetix Web Vulnerability Scanner ensures companies meet PCI compliancy London, UK – June 11, 2007 – The PCI Compliancy Standard requires any company that has a website and does business online, to ensure their web site and web applications are secure….

Read more