ITsecurity
twitter facebook rss

New vulnerability in WordPress security plugin

Posted by Kevin on September 4, 2014

ThreatPost, the Kaspersky Lab security news service, reported yesterday, A smattering of bugs, mostly cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities, have been plaguing at least eight different WordPress plugins as of late. Well it just got worse. High-Tech Bridge, operator of the ImmuniWeb online web pentesting service, has discovered a SQLi flaw […]

Automated vs hybrid vulnerability scanning

Posted by Kevin on July 29, 2014

A CIO’s experience You will have heard about programs that perform automated security scanning for website safety assessments. Such scanning software was developed in response to international standards such as PCI DSS and the security requirements they specify. While these scanners may be familiar to e-commerce firms, for owners of businesses where no such standards […]