Posts by Arden Rubens:


Takeaways from the Verizon 2017 Data Breach Investigation Report

May 15, 2017 By Arden Rubens | The annual Verizon Data Breach Investigations Report (DBIR) was released earlier this month to much anticipation, hitting a big milestone with its tenth-anniversary edition. And once again, it’s proving to be one of the most referenced data breach reports in the cyberworld and a must-read for industry leaders and security professionals across the globe.     For this year’s DBIR, data was collected from nearly 2,000 confirmed breaches and 42,000 security incidents from 20 different industries, spanning across 84 countries. Verizon security experts analyzed the submitted data and put together an extensive look at today’s cyber-universe.  

</Read More>

WannaCry? Ransomware Is Everywhere

May 12, 2017 By Arden Rubens | A malicious software called ‘WanaCryptor’ hit the NHS this past Friday. The ransomware caused hospitals across England and Scotland to cancel operations, delay routine practices and divert ambulances, while patient records were made unavailable as infected computers were on lockdown until ransom was paid.   Other high profile targets included FedEx, Germany’s national railway, Telefónica along with many of Spain’s largest companies, and private and personal computers across the world. Once infecting the PC, the software locks up the data and the device, and holds it for ransom.

</Read More>

April 2017: Top Hacks and Breaches [INFOGRAPHIC]

May 08, 2017 By Arden Rubens | April showers bring… hacks and breaches? Our list of April cyber-events begins with Dallas residents getting quite the fright as a hacker triggered the city’s emergency sirens. In early April, users of Wonga, a payday loan firm, were alerted about a data breach. The breach is said to affect 245,000 accounts in the UK and an additional 25,000 accounts in Poland. The stolen information includes full names, email addresses, phone numbers, and the last four digits of credit cards.  

</Read More>

Brexit & Its Impact on Cybersecurity

Apr 27, 2017 By Arden Rubens | The United Kingdom leaving the European Union – aka Brexit (shorthand for British Exit) – is a decision which has generated much gossip and speculation within the cybersecurity community. In general, there is no doubt that the result of the Brexit referendum, held in June last year, will have an impact on many industries and sectors; and in today’s connected landscape, the effect will also be felt in the cyber-world. So what will Brexit mean in terms of cybersecurity?

</Read More>

March 2017: Top Hacks and Breaches [INFOGRAPHIC]

Apr 04, 2017 By Arden Rubens | The month of March in hacks and breaches began strong with discovery of a database containing 1.4B records left exposed by one of the biggest senders of spam. A few days after, WikiLeaks released details on secret CIA hacking tools used to break into computers, mobile devices, and smart TVs.  On the 13th of March, Statistic Canada was breached as hackers exploit a new software bug. Hackers managed to break into the national statistics’ bureau by exploiting a security bug in Apache Struts 2, a software most commonly used in governmental, financial, and retailer websites.

</Read More>

Top Women in Cybersecurity You Should be Following on Twitter

Mar 07, 2017 By Arden Rubens | Updated: March 8th, 2018 –   Since the beginning of information security, the representation of women in cybersecurity has been (and still is) small. So small that women make up only 11% of the information security workforce. But with such a tiny representation in the industry comes a big opportunity.   For the cybersecurity world, Twitter is a continuous stream of content with various influencers tweeting the latest insights on a daily basis. And some of the most influential and trailblazing women in the industry have been using the platform to keep you in the know.  

</Read More>

February 2017: Top Hacks and Breaches [INFOGRAPHIC]

Mar 05, 2017 By Arden Rubens |
February may be the shortest month, but there definitely was no shortage in hacks and breaches. The month started with a an anonymous hacker single-handedly taking down an entire dark web hosting service with more than 10K Tor-based .onion sites. Then, on February 10th, a security flaw found in WordPress allowed hackers to attack and deface an estimated 1.5M pages.   Later on in February, hackers (masked as “Pro_Mast3r”) defaced one of the Trump Administration’s official fundraising websites in a subdomain takeover. On February 28th, data from connected CloudPets teddy bears was leaked after the database was found unsecured. Over 800K users were found in the database, which also contained recorded kids’ voice messages.

</Read More>

Key Takeaways from Ponemon’s 2017 Study on Mobile and Internet of Things Application Security

Mar 01, 2017 By Arden Rubens | Today, organizations are developing and releasing mobile and Internet of Things (IoT) devices and apps at a rapid speed. According to recent research, it is estimated that around 50B IoT devices will be connected to the Internet by 2020 while 2017 started with a record 2.2M downloadable apps in the App Store.   Every year, Ponemon Institute releases a study on Mobile and Internet of Things Application Security focusing on understanding how organizations are lowering the risks in mobile and IoT apps in the workplace. Based on this study, while the worry and understanding of mobile and IoT application security threats is increasing. There is a severe lack of urgency in addressing issues and proper application security testing is occurring during later stages in an app’s SDLC. Continue reading for a full list of key takeaways from Ponemon’s 2017 Study on Mobile and Internet of Things Application Security.

</Read More>

DevOps and Security Experts You Should Be Following on Twitter in 2017

Feb 23, 2017 By Arden Rubens | Twitter is an amazing wealth of ideas, opinions, and other resources. But with well over 300M users active on a monthly basis, Twitter can also be hard to navigate. There are so many people to follow and so little time to find the right ones.   When it comes to DevOps and Security, there are lots of great thinkers on the front lines of the union – and luckily for us, many are on Twitter. Whether you’re just starting out or are looking for new ways to integrate security within DevOps (and vice versa), Twitter is a great place to seek out info and be a part of the discussions.  

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.