Posts by Sharon Solomon:


No Kidding. 5-Year Old Hacks Dad’s Xbox

Apr 08, 2014 By Sharon Solomon | Hackers and fraudsters are reaching new levels of effectiveness in locating security glitches. Almost any device that can connect to the internet has been proven to be vulnerable. But this time it’s a 5-year old American kid who has exposed a glaring vulnerability in the popular Xbox Live online gaming platform.  

</Read More>

Mobile Sunday: New iOS 7 Vulnerability Exposed

Apr 06, 2014 By Sharon Solomon | Smartphones have become “man’s best friend” over the last few years. There is almost no daily task that doesn’t involve the usage of apps and instant messaging. Unfortunately, this also has raised the amount of mobile phone robberies and tampering. Hacking is evolving, but the “traditional” thefts and mishaps are still a big threat. Phone manufacturers are implementing tools such as lockscreens and passwords to deny unwanted access to phones. The iPhone 5s even has a unique fingerprint scanner which needs to be swiped in order to unlock the phone. Apple phones also have “Find my iPhone” software. This feature allows the user to remotely lock the phone if lost in a public place or after being robbed. Unfortunately, a serious vulnerability has been exposed in this welcome feature.

</Read More>

All You Wanted to Know About Social Engineering

Apr 04, 2014 By Sharon Solomon | Social engineering is manipulating people into doing something, rather than using technical means. It is the art of gaining access to buildings, systems, or data by exploiting human psychology, rather than by using technical hacking techniques. For example, a social engineer might call an employee and pose as an IT support person, trying to trick the employee into divulging his password. The goal is always to gain the trust of one or more of your employees.

</Read More>

Internet of Fails: Serious Vulnerability Found in Philips Smart TVs

Apr 02, 2014 By Sharon Solomon | Just a couple of decades ago, the Internet of Things (IoT) idea was restricted to sci-fi movies and novels. But the internet revolution has changed everything. Millions of new home appliances are going online on a daily basis, enabling hackers to spread malware, create botnets and harvest sensitive information worldwide.  

</Read More>

ATMs Raided With Ploutus as Windows XP Zero Day Approaches

Mar 31, 2014 By Sharon Solomon | Windows XP will be officially discontinued on 8 April, but the legend platform is far from becoming extinct. 95% of the world’s ATMs are still powered by the 12-year old operating system, opening the door for Ploutus attacks. More and more hackers are using SMS messages to steal money. As informed in our previous Windows XP Update, there are worrying amounts of businesses and workplaces still using the expiring platform. Surprisingly, such outdated systems and networks are not exclusive to poor countries. The biggest problems are expected in the banking industry, with thousands of ATMs still using Windows XP. Upgrading the systems to newer software is going to be a long and costly process. Cybercriminals are already exploiting this issue.

</Read More>

Mobile Friday: Google Waze Hacked By Technion Students

Mar 28, 2014 By Sharon Solomon | Waze has come a long way since its launch back in 2008. Winner of the Best Overall Mobile App award at the 2013 Mobile World Congress, the Israeli based startup was sold to Google last year for a whopping $1.3 Billion. Unfortunately, two students from the Technion have revealed a huge security issue in the popular app.   The revolutionary Israeli navigation software made waves by integrating social networking into its user interface and enabling commercial collaborations with strategic businesses. Even Google couldn’t afford to stay indifferent to the app’s massive potential. Everything was looking bright until Shir Yadid and Meital Ben-Sinai, software engineering students at the Technion Institute of Technology in Israel, found a glaring loophole in the application. Waze are aware of the POC, but have not released any security patches so far.

</Read More>

Malaysian Airlines Flight MH370: First Ever Cyber-Hijack?

Mar 24, 2014 By Sharon Solomon | The Malaysian Airlines Flight MH370 probably crashed into the Indian Ocean, but what really went on inside the plane is yet to be revealed by investigators. Is it possible that the MH370 was actually cyber-hijacked by a seasoned hacker? Interestingly, relevant proof-of-concepts have already been demonstrated by InfoSec experts.  

</Read More>

Mobile Friday: Ten Commandments of Android Safety

Mar 21, 2014 By Sharon Solomon | The Android mobile platform has come a long way since its introduction in 2008. Almost 80% of smartphones activated last year (2013) were powered by the “green robot”. But the customizable interface and other open source advantages come at a price. Android is ridden with vulnerabilities.
Android’s biggest convenience is also its biggest security issue. These smartphones are activated with one centralized Google ID, which controls all major functions such as emails, app management and calendar syncing. The risk is high. Besides this inherited problem, the open-source nature of the market-leading OS is prone to cybercrime. Pirated ROMs and unauthorized apps that can be downloaded from underground markets put the unsuspecting users in danger.

</Read More>

Bitcoin Crashing Due To Steep Rise in Cybercrime

Mar 19, 2014 By Sharon Solomon | The Bitcoin bandwagon has stalled. The value of the Cryptocurrency skyrocketed in 2013, but a downward trend is being witnessed this year. Investors and traders wishing to see Bitcoins in the mainstream e-commerce scene will probably have to wait a little longer.
Besides the glaring lack of regulation and worrying price volatility, cybercriminal activity has put a huge dent in the digital currency’s credentials. The hacking techniques are not new, nor are the vulnerabilities found in the Bitcoin exchanges.
More and more Bitcoin exchanges are being exploited with the help of malware and common phishing techniques. Coinbase and Flexcoin are just two of many Bitcoin platforms that have fallen prey to hackers and fraudsters.

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.