You know the saying about riding a bicycle – do it once and you’ll remember it forever? That may be true for bicycles, but it’s certainly not the case when it comes to web security testing. The tools we use and the flaws we’re attempting…
Finding Web Flaws is not Point and Click
Successful web security testing is not as simple as point and click. Unfortunately, many people treat it as such. The thought process goes something like this: 1. Load web vulnerability scanner. 2. Enter URL to scan. 3. Click Go. 4. Generate report for the auditors….
2012 – The Year Hacking Became a Political Weapon
On 30 November Reuters reported that Anonymous will shut down Syrian government websites worldwide to fight the government’s countrywide Internet blackout, which many believe was put into effect to silence opposition to President Bashar al-Assad. According to Martin Chulov of The Guardian, in his 29…
It Fell Off a Truck: Top Ten US Data Breaches for 2012
According to Ericka Chickowski in her 29 November article for Dark Reading, “10 Top Government Data Breaches Of 2012,” SQL injection, post-phishing and inadequately secured back-up information all contributed to spectacular comprises of data across the USA in 2012. Some of the breaches were the…
The Email that Hacks You
Update: Seems to be working on TP-Link Routers as well (tested on TL-WR841N). Update2: Arcor EasyBox A600 also seems vulnerable. Opening a legitimate looking email on an iPhone, iPad or Mac while using an Asus router with a default or guessable password could compromise the security of…
It’s No Picnic: NBC Websites Hacked
On November 4th, Steven J. Vaughan-Nichols of ZDNet, who covers security, posted on his blog that NBC had suffered a hack on a number of its websites during the early morning of Sunday, November 4th. According to Vaughn-Nichols, as of noon Eastern Standard Time the…
New and Improved Security Features with Acunetix Update 20121113
We’ve just released an update for Acunetix Web Vulnerability 8 – build 20121113 – which gives you a brand new PHP code execution test for Invision Power Board, as well as a number of improvements and fixes. New Security Checks New PHP code execution test for Invision Power…
Imperva and Acunetix Partner to Virtually Patch Web Vulnerabilities
SANTA CLARA and REDWOOD SHORES, CALIFORNIA, USA & LONDON, UK – November 14, 2012 – Acunetix, a market leader in web application security technology, and Imperva, Inc. (NYSE: IMPV) a pioneer and leader of a new category of business security solutions for critical applications and…
Protect Your Website During National Blog Posting Month
On November 1st, MarketWire and other sites across the Internet announced National Blog Posting Month (NaBloPoMo), an annual ritual for dedicated bloggers. Blogger Eden Kennedy launched NaBloPoMo in 2006; the event has grown to include thousands of bloggers, and it’s now celebrated officially under the…