Posts by Sarah Vonnegut:

RSA USA Preview: ‘It’s A Jungle Out There: The Security State of the CMS Platform’

Feb 11, 2014 By Sarah Vonnegut | Checkmarx Founder & CTO Maty Siman will be leading a session at the conference this year on the security of the most popular content management systems and how to protect yourself against attacks:
It’s a Jungle Out There: The Security State of CMS Platforms
February 26th | 10:40 AM | Room 3012


The Sochi Hacking Scare Take Down & The Rest of The Weeks Best

Feb 09, 2014 By Sarah Vonnegut | This week, NBC got called out for a slightly exaggerated report of hacking in Sochi (hint: they weren’t even in Sochi); SnapChat got hit with another vulnerability report; Target was hacked via their A/C and heat guys; and more. Here’s a short n’ sweet version of the week’s news you may have missed.


Facebook Almost Hacked By The SEA: “Happy Birthday, Mark!”

Feb 06, 2014 By Sarah Vonnegut | The notorious hacker group Syrian Electronic Army (SEA) is stirring up trouble again, this time with Facebook. Overnight, the group claimed to pwn the domain, posting a screenshot of the WHOIS info on its Twitter. ‘Happy Birthday Mark,’ the tweet taunted, referring to Facebook’s recent 10th birthday. The registrant data indeed reflected that the email address had been changed to a Syrian Gmail account. 


Patch It Up Pronto! Critical Zero-Day Update For Adobe Flash

Feb 04, 2014 By Sarah Vonnegut | After discovering a previously unknown remote exploit, Adobe Systems, Inc. has released a critical security patch for Flash Player. They are urging all users to download the latest version as soon as possible. The security bulletin said that the updates are meant to address a critical security vulnerability that would allow a malicious attacker to remotely exploit the affected computer. Adobe said they are aware of reports stating that this exploit exists in the wild.


The Harrowing Tale of the Hack of @N & the Week’s Other Big Security Stories

Feb 02, 2014 By Sarah Vonnegut | A full plate of social engineering, another serving of Syrian Electronic Army mischief and a dessert course of ChewBacca malware made the security menu this week. It was the week we learned about how far one will go to keep and to steal a monosyllable Twitter handle, what grudge the SEA holds against PayPal and more – take a few minutes and catch up with all you missed!


Credit Card Breach Being Investigated By Hotel Management Co.

Feb 01, 2014 By Sarah Vonnegut | A company that manages some of the biggest name brand hotel franchises across the U.S., including Hilton, Westin, Marriott and Sheraton, has apparently been dealing with a potential data breach where thousands of guests’ credit card data was stolen over a period of at least nine months.


NSA Uses Angry Birds, Google Maps, & Other ‘Leaky’ Apps To Spy

Jan 28, 2014 By Sarah Vonnegut | We’re already well-informed of just how far-reaching the NSA’s data-tapping techniques are, but newly published leaks have taught us more methods to the NSA-madness. According to new documents furnished by Edward Snowden, the NSA and its British counterpart GCHQ have been tapping into commercial data troves collected by popular smartphone apps like Angry Birds and Google Maps as well as their third-party advertisers. The information ranges from your gender to where you’re located to where you’re planning on going – and more.


Crafty Hackers & Other AppSec Stories This Week

Jan 26, 2014 By Sarah Vonnegut | Breaches seem to be hitting every country across every industry these days. This week was no better. Not only did the biggest craft store in the U.S. disclose a breach affecting an unknown number of credit card users, but nearly 40% of South Koreans as well as 16 million Germans are dealing with the effects of major breaches in each of those countries. With the list of 2013’s worst and most overused passwords wrapping up the week’s news, let’s hope the rest of 2014 is a more secure year.


Google Turns Deaf Ear to Speech Recognition Exploit in Chrome

Jan 23, 2014 By Sarah Vonnegut | Each new technology seems to emerge together with exploitable baggage. Speech recognition, for example, is being used in rising technologies from Siri to smart homes and is evolving quickly. While speech recognition has the potential to make life much easier and quicker, like any technology it comes with flaws. In this case, the flaw is a Chrome browser exploit involving Google’s speech recognition technology that was discovered and reported to Google and has yet to be fixed.

