Application Security Trends

Traditional security is well past its expiration date. Learn about the latest trends in AppSec in these posts, from DevOps to SAST and everything in between.

Forbes Hacked By SEA; WordPress Vulnerabilities Exploited

Feb 17, 2014 By Sharon Solomon | As the Syrian Civil War rages on, cybercrime activity emerging from the troubled state is reaching monstrous proportions. Syrian president Bashar al-Assad may be losing hold on his people, but his loyal hacker-team is continuing to wreak havoc worldwide and exploit numerous high-profile websites and social media accounts. Forbes is the latest victim of the infamous Arab hacking group. The American business magazine’s website was recently vandalized, with the hackers posting hate-text on the home page. This was achieved by gaining access to the website’s WordPress panel.

BYOD Data Security Becoming Top Priority

Feb 12, 2014 By Sharon Solomon | Today’s booming technology and internet revolution has caused a new problem for CISOs and InfoSec Managers. Bring Your Own Device (BYOD) is the growing phenomenon of employees bringing personal smartphones (BYOP) and laptops/tablets (BYOPC) to work, causing a wide array of communication and security issues. Most IT companies have embraced the latest technological trend, believing that this eventually improves worker productivity. But the security aspect is hugely neglected and can lead to major security breaches and compromise valuable data.

Google Announces 2014 Pwnium Hacking Contest

Jan 31, 2014 By Sharon Solomon | Hack Chrome OS and get paid for it. The upcoming annual Google Pwnium event is offering you this golden opportunity. Over $2.7 million will be distributed as prize money in the fourth edition of the prestigious hacking competition, to be held on March 12 at the CanSecWest security conference in Vancouver, Canada.

Botnet Alert: Your Refrigerator May Be Infected

Jan 27, 2014 By Sharon Solomon | The “smart” home appliances we all are letting into our lives are getting “smarter”. This isn’t a movie plot, nor is it a scientific experiment. Security provider Proofpoint estimates that over 750,000 phishing and spam emails have already been sent out by infected fridges, televisions and other appliances.

Crafty Hackers & Other AppSec Stories This Week

Jan 26, 2014 By Sarah Vonnegut | Breaches seem to be hitting every country across every industry these days. This week was no better. Not only did the biggest craft store in the U.S. disclose a breach affecting an unknown number of credit card users, but nearly 40% of South Koreans as well as 16 million Germans are dealing with the effects of major breaches in each of those countries. With the list of 2013’s worst and most overused passwords wrapping up the week’s news, let’s hope the rest of 2014 is a more secure year.

Worst Passwords of 2013

Jan 24, 2014 By Sharon Solomon | The results are out. SplashData, a leading password management application provider, has released its annual list of 25 most common passwords found on the net. The list was compiled with the help of data files consisting of millions of stolen passwords, published by leading hackers on the net.

ATMs Robbed With Malicious USB Drives

Jan 20, 2014 By Sharon Solomon | Lovers of the “Terminator” movie series surely remember how John Connor used his cool “binary code gadget” to hack into his local ATM machine. Technology has changed a lot since the early nineties, but hackers are still milking ATMs using malware-loaded USB drives. It’s estimated that millions of dollars have already been stolen in Europe alone. ATMs have always been an object of temptation for criminals and fraudsters. While it has become very difficult to physically vandalize and carry away these machines, tampering with their parameters is quite a simple task.

Cloned Minecraft for Android Doing the Rounds

Jan 17, 2014 By Sharon Solomon | The underground Android application market is booming. More and more pirated games are available for direct download on the net. One such game, the cloned Minecraft PE, is causing extensive damage all across the globe. Users of the Trojanized version are advised to uninstall the game immediately. The temptation is irresistible for any hardcore gamer. When costly games are available at a discount or even for free, downloading via the black-market becomes a no-brainer for many. But what is often forgotten is that mobile security is seriously compromised. The aforementioned Trojanized version of Minecraft PE, which is still available in various Russian pirate app stores, is a huge security risk. Available for 2.50 Euros, this cloned version infiltrates the system and exploits the victims’ cell phones.
