Cross-Site Scripting ranks first in top security risks

In recent years, buffer overflows topped the list as the most popular vulnerability used by hackers to compromise websites. However, the latest report from Mitre Corp., a US government funded research organization, clearly indicates that hackers are moving away from acts of vandalism to the more lucrative exploits of data theft. In fact, Cross-Site scripting and SQL Injection are now the most preferred hacking techniques used by hackers since these vulnerabilities allow access to such data as credit card details.

Hackers Steal 19,000 Personal Customer Details from AT&T Online Store

Last weekend, hackers pilfered the personal data of nearly 19,000 DSL equipment customers through a vulnerability in AT&T’s online store. The affected site was shut down within hours of the attack being launched. In a statement, AT&T attributed the motive of the attack to a criminal market for illegally obtained personal information. In fact, the data also included customers’ credit card details.

Rivalry between Media Websites Results in Netscape Being Hacked Via an XSS Attack, an online social media website, has been hacked through a cross-site scripting (XSS) vulnerability in their recently launched news service. It is reported that the attack was launched by fans of, a competing social networking website. The hackers used the XSS vulnerability to inject their own JavaScript code into the homepage and other pages on the site.

Acunetix Partner with Advanced Research Technologies in Japan to Defend Against Web Hacking Attacks

Acunetix Ltd., a leading web security software company focused on helping enterprises secure their web applications, today announced a distribution agreement with Advanced Research Technologies, Inc. (ART). The agreement introduces Acunetix Web Vulnerability Scanner to the Japanese market.

Web Applications: A Chink in Your Armor?

Acunetix, a leading web security software company, today announced the release of Acunetix Web Vulnerability Scanner version 4. This latest version provides a more comprehensive solution for enterprises wanting to detect exploitable website and web application vulnerabilities such as SQL Injection and Cross Site Scripting.

Hotmail, MSN and Amazon Susceptible to Attack via Cross Site Scripting

Acunetix WVS protects the loss of sensitive personal data due to XSS attacks