Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Free Plug-In Scanner For Protection of Blogs

Randomstorm : 20 July, 2011  (New Product)
Bloggers using the popular WordPress package can gain protection from hackers with a plug-in vulnerability detector available free from RandomStorm
Free Plug-In Scanner For Protection of Blogs

RandomStorm has announced a free download to protect Websites from being hacked. The WordPress Scanner checks blogs for plug-ins that could open up back doors into Websites, which could then be exploited by hackers.

WordPress Scanner has been developed by RandomStorm penetration tester, Ryan Dewhurst, who also developed the Damn Vulnerable Web Application (DVWA), which teaches developers and security professionals how to secure Web applications. The WordPress Scanner software enables security professionals and Word Press administrators to check for any plug-ins or vulnerabilities that could leave blogs and Websites open to hackers.

Common Website hacks include injecting SQL code into a page; defacement, such as swapping out corporate logos for the slogan of a protest organisation; cross site scripting (XSS) and code execution. Examples of organisations’ Websites that have been compromised using these methods include the BBC 6 Music and 1Xtra Websites, which were used to host a drive by download attack to infect visitors’ computers with the Phoenix Trojan and the Sun newspaper Website, which displayed a false story that Rupert Murdoch had died, placed by the LulzSec hacker group.

Commenting on the new vulnerability scanning tool, Ryan Dewhurst said: “Sometimes it is not easy to spot when a blog has been compromised. Hackers use tactics such as inserting infected iFrames, which look like normal pictures on the Web page, but which can be used to initiate drive by downloads of malware to visitors’ computers. This sort of activity can get your site blacklisted so it’s important to scan for vulnerabilities and remove them.”

The WordPress Scanner is a black box tool developed using the Ruby programming language. It is available for free download.

Andrew Mason, Technical Director at RandomStorm, commented, “WordPress Scanner forms part of RandomStorm’s overall service to help companies to close vulnerabilities in their Web applications and improve security for their business and their customers.”

RandomStorm provides vulnerability scanning and intrusion detection services to help companies to improve their security posture. The company is a CESG CHECK security consultancy and recently announced that it has been certified as a Qualified Security Assessor by the Payment Card Industry Security Standards Council, enabling qualified employees to carry out audits to help merchant companies to comply with the Payment Card Industry Data Security Standard (PCI DSS).

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo