Posts by Sarah Vonnegut:


You’ve Got a Breach: AOL Investigating After Spoofing Incident

Apr 30, 2014 By Sarah Vonnegut | If you just couldn’t get enough of changing your passwords after the Heartbleed fiasco and still keep an active AOL account, you’re in luck. The company announced on Monday that it is further investigating a security incident after a “significant” number of user accounts were found to have been compromised, with AOL estimating around 2% of their over 20 million customers at risk. Users are urged to change their passwords and personal answers to their security questions.


Hackers Already Exploiting Microsoft IE Zero Day in Federal, Financial Orgs.

Apr 28, 2014 By Sarah Vonnegut | Hackers are already busy at work exploiting a just-discovered zero-day security flaw in Microsoft’s Internet Explorer, posing a serious risk to up to 56% of the world browser market. The vulnerability exists in all versions of the browser; as of today, “limited, targeted attacks” have been observed against IE versions 9, 10, and 11, though all versions 6 through 11 are vulnerable. Security firm FireEye discovered the flaw and reported it to Microsoft on Saturday. Microsoft announced the vulnerability, CVE-2014-1776, on Saturday night and added that it is currently investigating the issue and will issue a security update as needed. The company notes that by default the Outlook, Outlook Express, and Windows Mail clients open HTML email in Internet Explorer’s ‘Restricted sites zone’, which reduces the risk of exploitation through email. Any other site rendered in Internet Explorer, however, could still be used in an attack.


The Week in Security: Your Top 6 Stories

Apr 26, 2014 By Sarah Vonnegut | Apple security updates and spoofing and Heartbleed …oh my. These are your week’s top security stories:
AOL Hit With Major Email Spoofing Hack
In a blast-from-the-past security story, AOL email users have been suffering from spoofed accounts. Spoofed emails are unwanted messages, in this case carrying malicious links, whose FROM field has been forged so that they appear to come from the victim, while they are actually sent by the spammer from the spammer’s own server. If you receive bounce-backs for emails you never sent, your address has most likely been spoofed. Once your address has been spoofed, there’s not a whole lot you can do.
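The From: header described above is just text chosen by whoever sends the message, so a spammer can put the victim’s address there (and in the envelope sender, which is why bounces land with the victim). What the spammer cannot choose is the IP address their server connects from, which the receiving mail server records in the Received: header it adds. The following is an added example, not code from this post or from AOL: a toy checker that compares that connecting IP with a constructed allow-list of hosts permitted to send for the From: domain. That is the idea behind SPF, but this is not an SPF implementation (no DNS lookups, no include/redirect handling). The message samples, domains, and IP addresses are constructed.

```python
"""Toy forged-From check (added example; not AOL's or the post's code)."""
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed allow-list standing in for a published SPF record:
# domain -> set of IPs allowed to send mail claiming that domain.
AUTHORIZED_SENDERS = {"example.com": {"198.51.100.10"}}

# Matches the "(ip)" our receiving MX writes into its Received: header in the
# constructed samples below; real Received: formats vary between MTAs.
IP_IN_RECEIVED = re.compile(r"\((\d{1,3}(?:\.\d{1,3}){3})\)")

# Constructed sample: From: and Return-Path: forged to the victim's address,
# but delivered from a spam relay the victim's domain knows nothing about.
SPOOFED_RAW = """\
Received: from relay.spam.example.net (203.0.113.77) by mx.example.org; Mon, 21 Apr 2014 09:12:00 +0000
Return-Path: <alice@example.com>
From: Alice Victim <alice@example.com>
To: bob@example.org
Subject: Check this out

http://malicious.invalid/landing
"""

# Constructed sample: same headers, but sent from the domain's real mail host.
LEGIT_RAW = """\
Received: from mail.example.com (198.51.100.10) by mx.example.org; Mon, 21 Apr 2014 09:15:00 +0000
Return-Path: <alice@example.com>
From: Alice Victim <alice@example.com>
To: bob@example.org
Subject: lunch?

Tomorrow?
"""


def from_domain(msg) -> str:
    """Domain part of the header From: address, lower-cased."""
    return parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()


def connecting_ip(msg) -> str:
    """IP recorded by our own MX, i.e. the topmost Received: header."""
    received = msg.get_all("Received") or []
    match = IP_IN_RECEIVED.search(received[0]) if received else None
    return match.group(1) if match else ""


def classify(raw: str) -> dict:
    """Flag a message whose connecting host may not send for its From: domain."""
    msg = message_from_string(raw)
    domain = from_domain(msg)
    ip = connecting_ip(msg)
    authorized = ip in AUTHORIZED_SENDERS.get(domain, set())
    return {"from_domain": domain, "connecting_ip": ip, "spoofed": not authorized}


if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED_RAW), ("legit", LEGIT_RAW)):
        print(label, classify(raw))
```

Note that an unknown From: domain (one with no entry in the allow-list) is flagged as well; a real receiver would instead treat a domain without an SPF record as unverifiable rather than spoofed.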


Web App Attacks: 7 Takeaways from the New Verizon DBIR

Apr 23, 2014 By Sarah Vonnegut | Hackers going after Web applications are getting smarter and faster by automating their malicious tools, and organizations are struggling to keep up. This was among the biggest revelations in Verizon’s 2014 Data Breach Investigations Report. The report analyzed over 63,000 security incidents from the past year, 1,367 of which resulted in a confirmed breach. It may come as a surprise to some that PoS intrusions, the cause of the massive Target breach and of similar, subsequent incidents, were not the leading attack vector among the report’s nine incident patterns. Instead, the award for the most exploited vulnerabilities went to Web applications, which hackers relentlessly went after this year – to the tune of 3,937 incidents and 490 confirmed breaches.


5 Security Stories To Know Right Now

Apr 18, 2014 By Sarah Vonnegut | While the Heartbleed bug again dominated the news this week, a few other security stories deserve some love. Here are your top five of the week – get caught up for the weekend!
Michaels Credit Card Breach: 3 Million Customers At Risk
The arts and crafts chain Michaels Stores Inc. this week reported that it suffered two separate security breaches spanning eight months. The breach, first reported in January, exposed up to three million customers’ credit and debit card data. “The analysis conducted by the security firms and the Company shows that approximately 2.6 million cards may have been impacted, which represents about 7% of payment cards used at Michaels stores in the U.S. during the relevant time period,” the statement on the company’s website says. That number is probably lower than they were expecting, given how closely the incident followed the massive Target breach. In addition to the Michaels breach, customers of Aaron Brothers, a chain owned by Michaels, were victims of a separate breach that put around 400,000 cards at risk.


The Honeypot Sting: Hacking the Hackers

Apr 16, 2014 By Sarah Vonnegut | How can you tell who’s up to no good when it comes to your networks and computer systems? Simon Bell, a computer science student in his last year at the University of Sussex, has set out to help answer that question. He has created an SSH (Secure Shell) honeypot written in C with the aim of researching the techniques of malicious attackers trying to infiltrate a network. Dubbed Secure Honey, the honeypot is Bell’s final-year project, which he tracks and writes about on his site.
Hacking the Hackers
Honeypots, for the uninitiated, are decoy systems or servers designed to track and log the activities of attackers trying to intrude into your systems (SANS has a great FAQ for further reading). Instead of the attackers gaining data, the honeypot collects their actions and intrusion attempts for further analysis. The would-be hackers get nothing – and will quickly move on to the next possibly vulnerable server after a few fruitless tries. “Something really drew me to the idea of luring hackers into a honeypot to watch how they operate and to discover what sort of techniques they may deploy to infiltrate a system,” he says. Anyone can keep up with what Secure Honey’s attackers are up to on Bell’s live stats page, where hacking attempts, the most commonly used passwords and more are tracked in real time.
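The value of a honeypot is in the log it leaves behind: which credentials were tried, from where, and how persistently. The following is an added example, not Secure Honey’s code or log format: it parses a constructed one-attempt-per-line log (timestamp, source IP, username, password, with the password allowed to contain spaces) and produces the kind of statistics a live stats page reports, plus a list of sources that kept hammering past a threshold instead of moving on. The log lines and addresses are constructed.

```python
"""Summarise SSH honeypot login attempts (added example; not Secure Honey's code)."""
import re
from collections import Counter

# Constructed line format: <ISO timestamp> <source IP> <username> <password...>
LINE = re.compile(r"^(\S+T\S+Z) (\d{1,3}(?:\.\d{1,3}){3}) (\S+) (.*)$")

# Constructed sample log, including one malformed line the parser must skip.
SAMPLE_LOG = """\
2014-04-16T10:01:02Z 203.0.113.5 root 123456
2014-04-16T10:01:03Z 203.0.113.5 root password
2014-04-16T10:01:05Z 203.0.113.5 admin admin
2014-04-16T10:02:11Z 198.51.100.23 root 123456
2014-04-16T10:02:12Z 198.51.100.23 root toor
2014-04-16T10:02:14Z 198.51.100.23 oracle oracle
2014-04-16T10:03:40Z 203.0.113.5 root 123456
2014-04-16T10:05:00Z 192.0.2.88 root pass word
garbage line the parser must skip
"""


def parse_attempts(text: str) -> list:
    """Turn raw log text into a list of attempt dicts, skipping unparseable lines."""
    attempts = []
    for line in text.splitlines():
        match = LINE.match(line)
        if not match:
            continue
        ts, ip, user, password = match.groups()
        attempts.append({"ts": ts, "ip": ip, "user": user, "password": password})
    return attempts


def top_passwords(attempts: list, n: int = 3) -> list:
    return Counter(a["password"] for a in attempts).most_common(n)


def top_usernames(attempts: list, n: int = 3) -> list:
    return Counter(a["user"] for a in attempts).most_common(n)


def top_sources(attempts: list, n: int = 3) -> list:
    return Counter(a["ip"] for a in attempts).most_common(n)


def persistent_sources(attempts: list, threshold: int = 3) -> list:
    """Source IPs that made at least `threshold` attempts: the ones that did not move on."""
    counts = Counter(a["ip"] for a in attempts)
    return sorted(ip for ip, c in counts.items() if c >= threshold)


def summary(text: str, n: int = 3) -> dict:
    attempts = parse_attempts(text)
    return {
        "attempts": len(attempts),
        "distinct_sources": len({a["ip"] for a in attempts}),
        "top_passwords": top_passwords(attempts, n),
        "top_usernames": top_usernames(attempts, n),
        "top_sources": top_sources(attempts, n),
        "persistent_sources": persistent_sources(attempts),
    }


if __name__ == "__main__":
    for key, value in summary(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

The regex anchors the timestamp and IP formats so that a stray line (or a password containing spaces) cannot shift the fields; anything that does not match is dropped rather than silently producing a bogus record.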


Top 5 in Security: Your Weekly Update

Apr 11, 2014 By Sarah Vonnegut | The security industry took a massive hit this week with the Heartbleed bug, and while it took most of the focus, there’s some notable news that you may have missed. Here are your top 5 security stories of the week:


So You Found A Security Bug – Now What?

Apr 09, 2014 By Sarah Vonnegut | Security vulnerabilities are discovered, reported and fixed every day. But how can we learn about them more easily, and how can the white-hat hackers who find them keep their finds organized? “I prefer a world where I have all the information I need to assess and protect my own security,” Bruce Schneier wrote in an essay on full disclosure in 2007. It’s a need the industry is still working out.
Big issues usually get reported, the Heartbleed OpenSSL vulnerability being a perfect example, but the small flaws go unnoticed by most – and that’s a big problem. Security researcher and auditor Sergey Belov is trying to help bridge the gap between security bugs and the general public with his new site, BugsCollector.com.


One Vulnerability To Rule Them All: SQL Injection

Apr 07, 2014 By Sarah Vonnegut | They’re simple, highly exploitable, and when done ‘correctly’ can be deadly… or at least incredibly costly for an organization. They’ve been used in hundreds of thousands of attacks and have cost companies and organizations millions – at this point billions – in lost or stolen funds as well as other breach costs.
The nightmare exploit in question? SQL injection (SQLi) attacks. They’re one of the most common vulnerabilities found on the web; the attacks are easy to carry out and can be highly valuable: one small piece of injected code and the organization’s entire database could be used to spoof identities, tamper with existing data, allow the complete disclosure – or complete deletion – of all system data, and give the hacker full administrative access to the server.
Hackers have grown more advanced over time, developing automation tools that scour the web in search of sites vulnerable to SQLi, while organizations have put their focus – and resources – on defending against other types of attacks, leaving hackers free to concentrate on the more easily exploited vulnerabilities.
When it comes to SQLi attacks, history has done a great job of repeating itself. In 2009, the Heartland Payment Systems breach that leaked 130 million credit card numbers was accomplished through SQL injection. The group of hackers responsible for the Heartland breach, led by Albert Gonzalez, also masterminded attacks on Dave & Buster’s, OfficeMax, Boston Market, Barnes & Noble, and several other businesses – all of them breached through SQL injection.
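To make the “one little piece of injected code” concrete, here is an added example (not code from this post or from any of the breached companies) using Python’s built-in sqlite3 against a constructed users table. The vulnerable login splices the username and password straight into the SQL text, so input such as `admin' --` comments out the password check and `' OR '1'='1` makes the WHERE clause always true. The safe version binds the same values as parameters, so the database never parses them as SQL. Table layout, accounts, and passwords are constructed; the plaintext password column is there only to keep the injection point visible, not as a model for real credential storage.

```python
"""SQL injection in a login query and its fix (added example; not from the post)."""
import sqlite3


def setup_db() -> sqlite3.Connection:
    """Constructed in-memory users table; passwords are plaintext only for the demo."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users ("
        "id INTEGER PRIMARY KEY, username TEXT, password TEXT, is_admin INTEGER)"
    )
    conn.executemany(
        "INSERT INTO users (username, password, is_admin) VALUES (?, ?, ?)",
        [("admin", "correct-horse-battery", 1), ("alice", "hunter2", 0)],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Deliberately vulnerable: user input becomes part of the SQL statement."""
    query = (
        "SELECT username, is_admin FROM users "
        "WHERE username = '%s' AND password = '%s'"
    ) % (username, password)
    return conn.execute(query).fetchone()


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Parameterised: the values travel separately from the SQL and are never parsed as SQL."""
    return conn.execute(
        "SELECT username, is_admin FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()


if __name__ == "__main__":
    conn = setup_db()
    # "--" starts a comment in SQLite, so the password check is discarded.
    print(login_vulnerable(conn, "admin' --", "anything"))        # ('admin', 1)
    # The WHERE clause becomes always-true; the first row (admin) is returned.
    print(login_vulnerable(conn, "' OR '1'='1", "' OR '1'='1"))   # ('admin', 1)
    # The same payloads are just unusual strings to the parameterised query.
    print(login_safe(conn, "admin' --", "anything"))              # None
    print(login_safe(conn, "' OR '1'='1", "' OR '1'='1"))         # None
    print(login_safe(conn, "alice", "hunter2"))                   # ('alice', 0)
```

Note that sqlite3’s execute() refuses stacked statements, so a payload that appends a DELETE or DROP would raise an error here; many other database drivers accept them, which is how injection turns from authentication bypass into data tampering or deletion. Parameterisation stops all of these, because the payload never reaches the SQL parser.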


Stay Connected

Sign up today & never miss an update from the Checkmarx blog
