Posts by Sharon Solomon:

iStock_000019354781XSmall

Kickstarter Website Compromised; InfoSec Executives On Alert

Feb 19, 2014 By Sharon Solomon | The hacks just keep on coming. Kickstarter, arguably the world’s largest crowdfunded website, has joined the list of high-profile casualties. The site suffered a serious data breach that has probably led to the leakage of personal information and data, including encrypted passwords that can easily be cracked. Kickstarter had no idea that their database was compromised until they were alerted by law enforcement officials. The website technical team then patched up the security glitch and asked all users to replace their old passwords with secure ones. It was announced that no credit card data was compromised, but there is no guarantee that the hackers won’t be able to harvest even this data. While still not announced officially, SQL Injections were probably implemented in the intrusion.

</Read More>
iStock_000014139389Small

Forbes Hacked By SEA; WordPress Vulnerabilities Exploited

Feb 17, 2014 By Sharon Solomon | As the Syrian Civil War rages on, cybercrime activity emerging from the troubled state is reaching monstrous proportions. Syrian president Bashar al-Assad may be losing hold on his people, but his loyal hacker-team is continuing to wreak havoc worldwide and exploit numerous high-profile websites and social media accounts. Forbes is the latest victim of the infamous Arab hacking group. The American business magazine’s website was recently vandalized, with the hackers posting hate-text on the home page. This was achieved by gaining access to the website’s WordPress panel.

</Read More>
Flappy-Bird

Mobile Friday: Flappy Bird Still Maliciously Flapping

Feb 14, 2014 By Sharon Solomon | The simplistic and straightforward Flappy Bird defied all odds and became one of the most popular games of early 2014. The sudden discontinuation of the app has disappointed millions of fans. But where there is disappointment, there is cybercrime potential. The single-player game conquered the mobile gamer’s hearts with its simple “Super Mario” type of gameplay, which has always proved to be compelling. Despite earning over $50,000 a day in in-game advertising revenue, the game was discontinued.

</Read More>
iStock_000003116093Small

BYOD Data Security Becoming Top Priority

Feb 12, 2014 By Sharon Solomon | Today’s booming technology and internet revolution has caused a new problem for CISOs and InfoSec Managers. Bring Your Own Device (BYOD) is the growing phenomenon of employees bringing personal smartphones (BYOP) and laptops/tablets (BYOPC) to work, causing a wide array of communication and security issues. Most IT companies have embraced the latest technological trend, believing that this eventually improves worker productivity. But the security aspect is hugely neglected and can lead to major security breaches and compromise valuable data.

</Read More>
iStock_000016103617Small1

Limiting Google Snooping For A Secure Workspace

Feb 10, 2014 By Sharon Solomon | It’s no secret that Google has become the most dominant platform on the web, providing virtually all types of online services. Although not publicized enough by the company, there are ways to reduce Google’s presence in your workspace and boost your privacy/security. The controversial change that caused a stir worldwide was the merging of Gmail and Google+ accounts. This sudden development enables people to send emails to complete strangers they randomly add on the Google+ network.

</Read More>
iStock_000015765064Small

Mobile Friday: Orange.fr Hacked, 800,000 Customers Affected

Feb 07, 2014 By Sharon Solomon | Major hackings are taking place all the time, with many going undetected and unreported. The latest high-profile intrusion took place recently in France, with an estimated 800,000 customers falling victim to privacy and identity-theft. The mobile giant has notified the victims and apologized for the incident. Around 3% of Orange.fr customers were hit by the massive exploit. The company did not elaborate on how the hackings were performed. The breach was possibly commercially motivated and the French cybercrime division is looking into the unfortunate incident.

</Read More>
iStock_000031987780Small

US-CERT Releases InfoSec Guidelines For 2014 Winter Olympics

Feb 05, 2014 By Sharon Solomon | The 2014 Winter Olympic Games begin on February 6 in Sochi, Russia. While always a spectacular and festive event, the technological aspect brings in numerous Information Security issues. The United States Computer Emergency Readiness Team (Department of Homeland Security) has released a formal advisory ahead of the Sochi Games.

</Read More>
iStock_000019794158Small

Yahoo Mail Hacked. Strong Passwords Now A Necessity

Feb 03, 2014 By Sharon Solomon | While hackers are finding new ways to infiltrate computers and networks, email accounts remain the preferred target for extracting sensitive data. The latest breach was found in the Yahoo email service, which was officially acknowledged and confirmed by the internet company on its Tumblr page.

</Read More>
iStock_000016103617Small1

Google Announces 2014 Pwnium Hacking Contest

Jan 31, 2014 By Sharon Solomon | Hack Chrome OS and get paid for it. The upcoming annual Google Pwnium event is offering you this golden opportunity. Over $2.7 million will be distributed as prize money in the fourth edition of prestigious hacking competition, to be held on March 12 at the CanSecWest security conference in Vancouver, Canada. 

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.