September 22, 2011 - It’s hard to believe, but SQL injection as we know it has been around for 13 years. Yet, SQL injection is as prevalent as (continue reading...) Read more
September 22, 2011 - Comguard, the Acunetix distributor based in Dubai, will be participating in GITEX 2011, heralded as one of the largest and most important ICT events around the globe. Alive with the energy of the ICT sector (continue reading...) Read more
September 20, 2011 - A security research team called Vulnerability-Lab have discovered a persistent XSS vulnerability in the official website of Barack Obama. This is not the first time that the president’s website was targeted. About a year (continue reading...) Read more
September 20, 2011 - An updated build of Acunetix Web Vulnerability Scanner Version 7 was released. This new build (20110920) includes the new Firefox plugin which supports FireFox version 6, a new security check (continue reading...) Read more
September 13, 2011 - Acunetix distributor DS TEAM will be hosting a conference at the HackXColombia 2011 expo held on the 8th October 2011 at the University Corporation for sabaneta J. Emilio Valderrama. The main objective (continue reading...) Read more
September 12, 2011 - On Thursday morning a post appeared on the popular Full Disclosure Internet discussion group listing XSS vulnerabilities in no less than 20 high profile websites. Amongst the vulnerable are McDonalds, IEEE Explore, Harvard University, and energy.gov. The vulnerabilities were discovered (continue reading...) Read more
September 9, 2011 - If you’ve heard it once you’ve probably heard it a thousand times: time to market is critical. Indeed, when it comes to software development, many business executives, marketers, product managers and (continue reading...) Read more
September 9, 2011 - Acunetix distributor, Ace-Pacific Pty Ltd, will be exhibiting at Govware 2011 held between the 27th and 29th September 2011 at the Suntec Singapore International Exhibition (continue reading...) Read more
September 1, 2011 - There’s no way the (continue reading...) Read more
September 1, 2011 - We often hear about “disgruntled workers” wreaking havoc on computer systems and sensitive information. Interestingly we never hear about what I call “gruntled workers” and how they (continue reading...) Read more
August 31, 2011 - The following features complete the Acunetix WVS scanning arsenal: Innovative AcuSensor technology Web server configuration detection Web server security scan (Port Scanner) against services such as DNS, SSH etc Dictionary (brute force) attacker to test password strength of login pages or (continue reading...) Read more
August 26, 2011 - Acunetix WVS is a heuristic scanner and not a signature based scanner, which by design is an efficient way of reducing false positives. With the introduction of AcuSensor Technology, false positive reporting has been drastically reduced because vulnerability detection is no longer (continue reading...) Read more
August 26, 2011 - When recoding a login sequence, the crawler needs to be configured to automatically identify if a web application’s logged in session (navigation of a password protected area) is still valid or not. This is an important step when recording a (continue reading...) Read more
August 26, 2011 - Some websites are designed to use custom 404 error pages instead of a web browser’s standard error page because they can be branded and made to contain links to other important pages. If your website uses custom 404 error pages (continue reading...) Read more
August 26, 2011 - Acunetix WVS features a directory and file filter which allows you to safely exclude specific URLs or directories from the scan. To create a directory filter: In the Tools Explorer, click ‘Configuration’ and then click ‘Settings’ (continue reading...) Read more
August 26, 2011 - Acunetix WVS can safely ignore certain file types which cannot be exploited by a hacker, and therefore cannot be considered as vulnerable. By ignoring these files types a scan will take less time to complete, and will be more efficient (continue reading...) Read more
August 26, 2011 - Should you need to generate a report for a security scan performed at an eariler stage, it is possible to load a saved scan result file and manually import it into the (continue reading...) Read more
August 26, 2011 - The Acunetix WVS Login Sequence Recorder can be used for many other tasks rather than just to scan password protected areas. If used appropriately it will help (continue reading...) Read more
August 26, 2011 - As a pattern and exploit analysis tool, Acunetix WVS performs a web security audit by executing the following 3 sub-tasks: Step 1: Target identification WVS checks if the target(s) are running a web server, and therefore host any (continue reading...) Read more
August 25, 2011 - Apart from being an annoyance, if the problem of mass mailing has impacted your site then it could be a web application vulnerability in itself. A hacker or malicious user can perform the same steps to (continue reading...) Read more