The Hacking of US Department of Homeland Security’s Website Highlights Dangers

Acunetix Web Vulnerability Scanner can be used to protect websites from the increasing threat of SQL injection attacks like the one on the DHS

London, May 6, 2008 – Acunetix (www.acunetix.com), a pioneer on web application security scanning technology, has announced that the sophisticated SQL injection attacks recently launched on the websites of the US Department of Homeland Security (DHS), the UK’s Civil Service and the United Nations could have been prevented with the use of Acunetix Web Vulnerability Scanner.

Hackers have attacked hundreds of thousands of web pages from reputable sites with malicious code. This turned the hacked web sites into launch sites for attacks that install malware on the computers of those who visit them.

Sarah Tabone, Sales & Operations Manager at Acunetix said: “Research conducted on 3,200 websites showed that as many as 70% of web sites have vulnerabilities that could lead to the theft of sensitive corporate data such as credit card information and customer lists*. Furthermore, attacks like the one recently seen on the DHS can convert any web site into an attack weapon directed at unknowing visitors. These attacks could easily be avoided by using Acunetix Web Vulnerability Scanner.

“Acunetix Web Vulnerability Scanner ensures website security by automatically checking for SQL injection, Cross site scripting and other vulnerabilities. It gives security experts access to a specialized cross site scanning tool that allows them to evaluate their web sites for these threats.”

Acunetix Web Vulnerability Scanner also scans AJAX and Web 2.0 technologies for vulnerabilities, gives detailed reports that enable businesses to meet legal and regulatory compliances, analyses against Google Hacking Database (GHDB) and features other advance tools that permit fine tuning of web application security checks.

Acunetix Web Vulnerability Scanner is available in four editions: a Free edition, a Small Business edition, an Enterprise Edition for businesses operating more than one website, and a Consultant Edition.

The Free edition of Acunetix Web Vulnerability Scanner can be downloaded from: http://www.acunetix.com/cross-site-scripting/scanner.htm

About Acunetix

Acunetix was founded to combat the alarming rise in web attacks. Its flagship product, Acunetix Web Vulnerability Scanner, is the result of several years of work by a team of highly experienced security developers. Acunetix is a privately held European company.

Notes to Editors

*The report on the research conducted between January 2006 and January 2007 on 3,200 sites belonging to either businesses or non-commercial entities that showed that 70% of the web sites scanned were found to contain vulnerabilities is available on: http://www.acunetix.com/security-audit/acunetix_report.pdf

0 comments: