Hot Downloads

Netscape hacked via an XSS attack!

Written by Administrator. Posted in Software News

0 1 1 1 1 1 Rating 0.00 (0 Votes)
Acunetix scans for Cross-Site Scripting vulnerabilities preventing website defacement

London, UK – 28 July, 2006 – Netscape.com, an online social media website, has been hacked through a cross-site scripting (XSS) vulnerability in their recently launched news service. It is reported that the attack was launched by fans of Digg.com, a competing social networking website. The hackers used ... the XSS vulnerability to inject their own JavaScript code into the homepage and other pages on the site.

The hack was discovered by Finnish security vendor (F-Secure), during their research work around cross-site scripting vulnerabilities on social networking sites. Digg fans used cross-site scripting attacks to display JavaScript pop-up alerts with "comical" messages aimed at redirecting visitors to their site. Fortunately no malicious code was injected. Netscape released a statement yesterday afternoon stating that the vulnerability had been patched and that visitors are once again safe.

Acunetix Web Vulnerability Scanner automatically audits web applications and checks whether these applications are secure from exploitable vulnerabilities to such hack attacks as cross site scripting. Although Netscape has now fixed the flaw, an automated check of Netscape’s website (using Acunetix WVS) could have prevented this attack and saved the company from denting its reputation and the subsequent loss of customer trust. Furthermore, hackers could have injected code aimed at stealing personal customer data rather than defacement. Most hackers, nowadays, attack websites because of the payoff from stealing such sensitive data as credit cards and social security numbers.

Acunetix provides free audit to help companies determine the security of their websites

Enterprises who would like to have their website security checked can register for a free audit by visiting www.acunetix.com/security-audit. Participating enterprises will receive a summary audit report showing whether their website is secure or not. Summary reports will be delivered within five business days of submission.

About Acunetix Web Vulnerability Scanner
Acunetix Web Vulnerability Scanner ensures website security by automatically checking for SQL injection, Cross site scripting, CRLF injection and other vulnerabilities. It checks password strength on authentication pages and automatically audits shopping carts, forms, dynamic content and other web applications. As the scan is being completed, the software produces detailed reports that pinpoint where vulnerabilities exist.

About Acunetix
Acunetix was founded to combat the alarming rise in web attacks. Its flagship product, Acunetix Web Vulnerability Scanner, is the result of several years of development by a team of highly experienced security developers. Acunetix is a privately held company with headquarters based in Europe (Malta), a US office in Seattle, Washington and an office in London, UK. For more information about Acunetix, visit: http://www.acunetix.com.

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup