Posts by Sarah Vonnegut:


Checkmarx Selected As Finalist For Red Herring Top 100 Europe Awards

Apr 01, 2014 By Sarah Vonnegut | We’re excited to announce that Checkmarx has been chosen as a Finalist for Red Herring’s Top 100 Europe award, a distinctive list that honors the year’s most promising private tech companies in Europe.  
The Red Herring 100 Awards, first started in 1996, are one of the most prestigious events for start-ups across the world. Red Herring’s editorial team analyzes hundreds of cutting-edge companies and technologies and selects those positioned to grow at an explosive rate. The Top 100 companies are assessed on 20 varying criteria, including disruptiveness of the solution in its respective markets, market maturity, quality of the management, financial performance, and technological advantage, among many others.


Top 5 in Security: Weekly Update

Mar 30, 2014 By Sarah Vonnegut | From snooping drones and leaky apps to more hijack-able connected devices, these are your week’s top 5 security stories. 
6 Months Later, Angry Birds Still Spilling Personal Info
Rovio, the gaming company behind the mobile hit Angry Birds, has apparently continued its relationship with the ad platform believed to have been hacked into repeatedly by the British intelligence agency. Worse still, the company continues to collect and share personal information with various third-party advertising services. 
Security researchers at FireEye found that the Android app continues to collect a massive amount of personal data about players who sign up to the app, including birthday, email, gender, name and country, before pairing it with the customer ID and storing it on the user’s phone. The researchers also discovered that the app sends most of that data in plain text. Even if a player opts out of signing up, the game still collects and sends plenty of information about the device.
Read more about the still-rogue app here. 


If You Thought The DMV Couldn’t Get Worse… & The Top 5 Security Stories of the Week

Mar 23, 2014 By Sarah Vonnegut | From the latest credit card breach to Microsoft’s privacy ‘faux pas’, here are the week’s top security stories – take a few minutes and catch up before the madness begins again!


BYOD 2.0: Securing the Internet of Things in Your Organization

Mar 20, 2014 By Sarah Vonnegut | In the latest Internet of Things news this week, researchers from Cal Poly successfully designed an app for Google Glass that could take a picture every ten seconds with the display off, “uploading the images to a remote server without giving the wearer any sign that his or her vision is being practically live-streamed to a stranger,” Andy Greenberg writes. It’s scary enough to imagine that someone could be walking around, living their day-to-day lives as someone records their every action at a distance.


3 Key Benefits of Automating Your Source Code Review

Mar 18, 2014 By Sarah Vonnegut | Automation has taken the business world by storm. We automate everything, from marketing to manufacturing and everything in between, and it often pays off: greater ROIs, higher productivity, less overworked employees. In application security, the same can be true. As web applications have become the essence of business in almost every industry, the risks have increased. While we will always need code reviewers, pen testers and security teams for areas requiring human intelligence, for the business side or otherwise, automating your source code analysis is a step towards higher security. Let’s look at the top 3 reasons why you should be automating your code review process.


The Week in Security: PWN2OWN, Double DDoSes, Malaysian Plane Crash Scams & Target’s Missed Alarms

Mar 16, 2014 By Sarah Vonnegut | This week in security was busy with a little bit of everything – breaches, hacking contests, cyber scams, hacktivism and more. Here’s the lowdown on all the biggest security stories of the week: 


Gaping Security Flaw in WhatsApp on Android Let Other Apps Steal Your Messages

Mar 13, 2014 By Sarah Vonnegut | If you’re using WhatsApp on an Android – even after yesterday’s update – your chats are prone to being downloaded by others, a security consultant has discovered.  Bas Bosschert, CTO and consultant at Double Think, along with his brother, discovered this exploit after wondering if it would be possible to upload and read someone’s WhatsApp chats from another app. With a proof of concept on his blog, he proved it was easily possible.


Keeping Up With The Hackers, Part 2: ‘It Takes a Hacker to Catch One’

Mar 11, 2014 By Sarah Vonnegut | In our original Keeping Up With The Hackers post, AppSec expert Dave Ferguson graced our blog with a fantastic post speaking on the tools he uses to stay up-to-date with his hacking skills. For this post, we spoke with Malik Mesellem, another security expert with over 15 years of experience and a love of securing web apps. 


On Tracking the Creator of Bitcoin, a Breach at Sally Beauty and Facebook Clickjacking: Security News Update

Mar 09, 2014 By Sarah Vonnegut | It was a crazy week, with the secretive Bitcoin creator supposedly outed, details of 280,000+ payment cards tied to Sally Beauty purchases discovered for sale online and a new Facebook clickjacking campaign that preys on the curious, so let’s get down to it, shall we? Here are your week’s biggest security stories:
