000webhost Breach Exposes 13 Million Passwords

000webhost is one of the most popular free hosting providers out on the Internet. Unfortunately for them and their users, all their 13 million user accounts have had their usernames and passwords leaked through what was eventually revealed to be a database breach via an exploit of a vulnerability in an old version of PHP. […]

New Joomla! SQL Injection vulnerability gives attackers full control of your website

A high-severity SQL injection vulnerability has been identified in versions 3.2 through 3.4.4 of Joomla!. The popular Content Management System (CMS), second only to WordPress with a staggering 6.6% CMS market share (as of October 23, 2015, based on W3Techs’ trend reports), runs on an estimated 2.8 million sites (according to a survey carried out by […]

Get tested during Cyber Security Awareness Month

It is October again, and that means that it is a better time than ever to set aside some time to gather the relevant troops inside your organization to evaluate your information security posture – because October is National Cyber Security Awareness Month! Since its inception in 2004, National Cyber Security Awareness Month (NCSAM) is […]

Gartner recognizes Acunetix as a Challenger for Application Security Testing in 2015

Acunetix Receives 2nd highest product score for Manual Web Penetration Testing in Gartner’s 2015 Critical Capabilities for Application Security Testing Report

Gartner, Inc., the leading provider of research and analysis on the global information technology industry, has recognised Acunetix as a challenger, assigning Acunetix Web Vulnerability Scanner a score of 4.36 out of 5.0 in […]

In the headlines: David Jones and T-Mobile hack, remote code execution bugs, WinRAR vulnerability, and more

Australian department store David Jones victim of hack

Australian department store giant David Jones has informed customers, through a notice on their site, that they were recently hacked. However, they also assured account holders that no financial data had been breached and that there was no need to take any action. The Australian Federal Police […]

SQLi – How it works (Part 1)

In this 6-part series on SQLi (SQL Injection) we describe the vulnerability and its variants, showing how it works and what an attacker can do with it. SQL injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements (also commonly referred to as a malicious payload) that […]
