Aleksei Tiurin, Senior Security Researcher at Acunetix, joins Paul’s Security Weekly to talk us through “Insecure Deserialization in JAVA/JVM”! After initial extensive research in 2015, Insecure Deserialization has been a very hot topic in the Java-world. More and more deserialization vulnerabilities are found again and…
How To Clean A Hacked Installation of Nginx
There are literally hundreds of ways to secure & solidify a Nginx server after an attack. But, what does it REALLY need to be cleaned and secure? What are the essential changes you have to make to feel secure again? To answer that question, we’ll have…
Setting Up A Free TLS/SSL Certificate With “Let’s Encrypt”
SSL is short for secure sockets layer, which is an encryption standard that is used to encrypt data going between the browser in the server. In other words, an SSL protects data submitted on your site via visitors and customers. You set up SSL by…
What are the Challenges of Using Open Source Cybersecurity Tools?
By making their source code freely available, developers of open source software rely on the power of the wider community in order to help them audit and improve their code. Not only this but also by involving the wider community of users in the development…
Hack Naked News Episode: British Airways and NewEgg Hacks
Juxin Dyrmishi Brigjaj Developer at Acunetix, joins Paul at SecurityWeekly for an expert commentary on Hack Naked News programme. Juxhin talks about the resurgence of XSS after the big British Airways and NewEgg Hack! Watch the clip below to find out how these hacks could…
Acunetix v12 Review for Enterprise Customers on Firewall.cx
Firewall.cx first began its journey with Acunetix almost 12 years ago with its standalone Windows 98 program. The reviewer notes that the distance the web vulnerability scanner has come since then is “truly immeasurable”, managing to keep up with the competition as other companies have…
How To Protect Your Website Against A Cross-Site Scripting (XSS) Attack
One of the most common methods that hackers use/will use to attack your website is a cross-site scripting (XSS) attack. Basically, an XSS attack is where a hacker will take advantage of an XSS vulnerability to execute a malicious JavaScript when users visit your website….
Better web-pentesting in Windows with AHK
Recently, I have moved to Malta. It’s quite hot here, but as I’m from colder country, I like it very much. Actually, I’m obsessed with everything hot, including hotkeys! Every pentester / researcher / bugbounter / etc has their own approach to doing things in…
Pony: A Breakdown of the Most Popular Malware in Credential Theft
Pony has been around since 2011, but it’s still the biggest threat when it comes to credential theft, according to data from Blueliv’s report, The Credential Theft Ecosystem. It leads the way at 39%, with LokiPWS and KeyBase trailing behind at 28% and 16% respectively….