Acunetix held a stand at the Spring Edition of the Malta A.I. & Blockchain Summit 2019 that took place on May 23-24, 2019 on the ‘Blockchain Island’ of Malta, at the Hilton Business Centre. The event was very well received. It brought together over 5,500…
Chrome Tightens CSRF Protection
The Chrome 76 browser, which is expected in July 2019, will include tighter controls for the SameSite cookie attribute. This attribute is used by website or web application developers when they set cookies. It specifies whether the cookie may be used in a third-party context…
Visit Us at the National Homeland Security Conference 2019
The National Homeland Security Conference is sponsored by the United States National Homeland Security Association. The conference has been organized annually in various US locations since 2005. Its goal is to enable local homeland security and emergency management professionals to exchange information on anything related to…
Preventing NTP Reflection Attacks
The Network Time Protocol (NTP) is the standard protocol for time synchronization in the IT industry. It is widely used by servers, mobile devices, endpoints, and network devices, irrespective of their vendor. The latest version of NTP (version 4) is defined in RFC 5905. The…
Acunetix Vulnerability Scanner Now With Network Security Scans
Seamless OpenVAS integration now also available on Windows and Linux. London, UK – May 2019 – Acunetix, the pioneer in automated web application security software, has announced that Premium versions of the Acunetix Vulnerability Scanner now support network security scanning. Network security scans are possible…
New build includes new Network Scanning integration, IPv6 support, improved resource usage and many new vulnerability checks
Acunetix version 12 (build 12.0.190515149 – Windows and Linux) has been released. This new build introduces network scanning in Acunetix on-premise and support for IPv6, improves usage of machine resources, and adds support for Selenium and Burp v2 saved files as import files. There are also…
What Is Persistent XSS
Persistent Cross-site Scripting (Stored XSS) attacks represent one of three major types of Cross-site Scripting. The other two types of attacks of this kind are Non-Persistent XSS (Reflected XSS) and DOM-based XSS. In general, XSS attacks are based on the victim’s trust in a legitimate…
Why is Source Code Disclosure Dangerous?
Source code often contains some form of sensitive information. It may be configuration-related information (e.g. database credentials) or simply information about how the web application works. If source code files are disclosed, an attacker may potentially use such information to discover logical flaws. This may…
What Is HSTS Used for? – problems, errors, fixes
HSTS stands for HTTP Strict Transport Security. It is a method used by websites to declare that they should only be accessed using a secure connection (HTTPS). If a website declares an HSTS policy, the browser must refuse all HTTP connections and prevent users from…