Posts by asaphs:


What’s HOT in Application Security Vol#31

Oct 09, 2012 By asaphs | This Year’s Hack In The Box Conference To Hold Big Hitters In The Web Application Security World
This year’s famous Hack In The Box security conference is being held in Kuala Lumpur. Among the interesting events, Google will be hosting its Pwnium competition which first debuted at the CanSecWest security conference in March in Vancouver, British Columbia.

</Read More>

What’s HOT in Application Security Vol #30

Sep 30, 2012 By asaphs | Hackers breach major Canadian based control system technology supplier
Hackers have within the last few days managed to hack a major Calgary based technology company, Telvent Canada, known to be major suppliers of control systems for electrical grids, public water systems, public transport functions and most of Canada’s oil and pipelines. Insiders say the hacking was substantial enough to warrant the intervention of the Canadian spy service, the RCMP and the federal government’s special cyber response agency.

</Read More>

What’s HOT in Application Security Vol #29

Sep 18, 2012 By asaphs | More than half of all companies experienced a security breach in the past year and a half
More than half of all companies in the world experienced some kind of security breach in the past 18 months; worrying statistic, given the level of damage a security breach can do to a company. The statement comes from a report which was released last week dubbed the “Software Security Risk Report”.

</Read More>

What’s HOT in Application Security Vol #28

Sep 12, 2012 By asaphs | Web hosting company GoDaddy hacked
GoDaddy, the web hosting service provider was hacked on Monday by a supporter of Anonymous, a self-proclaimed group of rogue hackers. The attack also affected many of GoDaddy’s customers. The attack caused GoDaddy and many of the company’s 10.5 million customer’s web sites to go down for several hours on Monday afternoon. The person behind the attack claimed that the GoDadddy and its affiliated sites collapsed under a flood of traffic caused by a DDoS attack.

</Read More>

What’s HOT in Application Security Vol #27

Sep 04, 2012 By asaphs | Could a lack of web application security be affecting your businesses share price?
It has been noted that in larger corporations the linkage of the brand to a string of negative security issues can seriously affect the share price for the worse.

</Read More>

What’s HOT in Application Security Vol#26

Aug 27, 2012 By asaphs | Microsoft vulnerable to VPN attack
Microsoft’s MS-CHAP v2 (Microsoft Challenge Handshake Authentication Protocol version 2) which is used to authenticate users in PPTP-based (Point-to-Point Tunneling Protocol) VPNs has been shown to be vulnerable to hacks according to reports from the recent Defcon conference.

</Read More>

What’s HOT in Application Security Vol #25

Aug 20, 2012 By asaphs | WikiLeaks crippled by DDoS attacks
A group who call themselves AntiLeaks has claimed responsibility for the crippling hack on the famous site WikiLeaks and its founder Julian Assange.  WikiLinks claimed that that their servers were attacked by 10 Gbps of false traffic per second. The attack was also reported to be a sustained one lasting a total of 9 days. If this is true, it may also have been one of the longest sustained DDoS attacks on record.

</Read More>

What’s HOT in Application Security Vol #24

Aug 14, 2012 By asaphs | Facebook accused of falsely verifying developers apps security
An investigation by the US Federal Trade Commission (FTC) has disclosed that Facebook took no steps whatsoever to authenticate the security of Facebook apps who were awarded a Facebook verification badge.

</Read More>

What’s HOT in Application Security Vol#23

Aug 06, 2012 By asaphs | Top security expert notes hackers aiming for cross-platform vulnerabilities
An increasing amount of hackers are aiming to use cross-platform malware to attack both Microsoft and Apple application vulnerabilities. Hackers tend to favor third party applications that run on both Macs and Windows such as Adobe PDF, Adobe Flash, Java as well as others.

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.