#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

vulnerabilities scanner | Breaking Cybersecurity News | The Hacker News

Category — vulnerabilities scanner
Popular AMP Plugin for WordPress Patches Critical Flaw – Update Now

Popular AMP Plugin for WordPress Patches Critical Flaw – Update Now

Nov 15, 2018
A security researcher has disclosed details of a critical vulnerability in one of the popular and widely active plugins for WordPress that could allow a low-privileged attacker to inject malicious code on AMP pages of the targeted website. The vulnerable WordPress plugin in question is " AMP for WP – Accelerated Mobile Pages " that lets websites automatically generate valid accelerated mobile pages for their blog posts and other web pages. AMP , stands for Accelerated Mobile Page s , is an open-source technology that has been designed by Google to allow websites build and server faster web pages to mobile visitors. Though I am pretty sure the main version of "The Hacker News" website is enough fast for both desktop and mobile device users, you can also check the AMP version for this specific article here . Out of hundreds of plugins that allows WordPress websites to create Google-optimize AMP pages, "AMP for WP" is the most popular among others...
Yahoo! Launches Free Web Application Security Scanner

Yahoo! Launches Free Web Application Security Scanner

Sep 26, 2015
Yahoo! has open-sourced Gryffin – a Web Application Security Scanner – in an aim to improve the safety of the Web for everyone. Currently in its beta, Project Gryffin has made available on Github under the BSD-style license that Yahoo! has been using for a number of its open-sourced projects. Gryffin is basically a Go & JavaScript platform that helps system administrators scan URLs for malicious web content and common security vulnerabilities, including SQL Injection and Cross-Site Scripting (XSS) . Yahoo! describes Gryffin as a large-scale Web security scanning platform, which is more than just a scanner, as it is designed to address two specific problems: Coverage Scale Scale is obviously implied for large Web, while Coverage has two dimensions – Crawl and Fuzzing . Crawl's ability is to find as much of the Web application's footprint as possible, whereas Fuzzing involves testing each part of the application's components for an applied se...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
Firing Range — Open Source Web App Vulnerability Scanning Tool From Google

Firing Range — Open Source Web App Vulnerability Scanning Tool From Google

Nov 20, 2014
Google on Tuesday launched a Security testing tool "Firing Range" , which aimed at improving the efficiency of automated Web application security scanners by evaluating them with a wide range of cross-site scripting (XSS) and a few other web vulnerabilities seen in the wild. Firing Range basically provides a synthetic testing environment mostly for cross-site scripting (XSS) vulnerabilities that are seen most frequently in web apps. According to Google security engineer Claudio Criscione, 70 percent of the bugs in Google's Vulnerability Reward Program are cross-site scripting flaws . In addition to XSS vulnerabilities , the new web app scanner also scans for other types of vulnerabilities including reverse clickjacking , Flash injection , mixed content, and cross-origin resource sharing vulnerabilities. Firing Range was developed by Google with the help of security researchers at Politecnico di Milano in an effort to build a test ground for automated scanners...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Sandcat Browser 4.0 released, new tools added for Pen-Testers

Sandcat Browser 4.0 released, new tools added for Pen-Testers

May 29, 2013
Sandcat Browser, The fastest web browser with many useful security and developer oriented tools updated to version 4.0 with the fastest scripting language packed with features for pen-testers. Sandcat 4 adds a large number of enhancements, new features, extensions and bug fixes, and provides a dramatically improved user experience on several fronts.  Sandcat 4 adds several new pen-tester extensions as part of the new incarnation of its Pen-Tester Tools extension pack. This includes: a Request Loader, a XHR Editor, a XHR Fuzzer, a CGI Scanner, a HTTP Brute Force extension, enhanced request editors, enhanced script runners, and more. New versions comes with a revamped and enhanced Live Headers. You can now view not only the request headers and response headers but the response of HTTP requests and XHR calls. The captured requests can be viewed, exported to and imported from individual files via its Live Headers bar. It adds the ability to save the full request details of captured ...
Secunia launches Secunia Vulnerability Intelligence Manager 4.0

Secunia launches Secunia Vulnerability Intelligence Manager 4.0

Oct 30, 2012
78% of vulnerabilities are found in third-party programs. Security teams cannot monitor all of them manually or determine which ones are critical to their organization. Secunia, the leading provider of IT security solutions that enables businesses and private individuals to manage and control vulnerability threats, today announced the general availability of the new version of Secunia's Vulnerability Intelligence Manager, the VIM 4.0. The Secunia VIM 4.0 is the latest evolutionary step in the technology Secunia has developed to help organizations handle vulnerabilities and protect business critical information and assets against potential attacks. Because it covers more than 40,000 software systems and applications, the VIM 4.0 solution provides the most comprehensive intelligence about software vulnerabilities available to organizations, ensuring that all security threats can be dealt with before the IT infrastructure is compromised by cybercriminals . "  We're v...
Expert Insights / Articles Videos
Cybersecurity Resources