Application Security Trends

Traditional security is well past its expiration date. Learn about the latest trends in AppSec in these posts, from DevOps to SAST and everything in between.

What’s HOT in Application Security Vol #35

Nov 09, 2012 By asaphs | Securities and Exchange Commission leaves sensitive data vulnerable to hackers
Staff of the Securities and Exchange Commission (SEC) have left highly sensitive information from exchanges open to hacking and other cyber attacks because they miserably and negligently failed to secure their data and devices to the required standards. This statement came after inside information was leaked to the news agency Reuters.


What’s HOT in Application Security Vol #34

Oct 30, 2012 By asaphs | Foreign Hacker Steals 387,000 Credit Card Numbers From South Carolina’s Department of Revenue
A foreign hacker has managed to steal nearly 400,000 credit and debit card numbers as well as 3.6 million Social Security numbers from South Carolina’s Department of Revenue. While most of the stolen credit card details were encrypted, 16,000 had no encryption whatsoever.


What’s HOT in Application Security Vol #33

Oct 22, 2012 By asaphs | Muslim Hacker Group Attacks US National Weather Service
A hacking group from Kosovo calling themselves the Hackers Security group have released sensitive hacked data from the US National Weather Service. The stolen information included files from the web server and other sensitive data that could be used for a later attack.


What’s HOT in Application Security Vol #32

Oct 17, 2012 By asaphs | The Sony hacker facing up to 5 years in prison
Raynaldo Rivera, who was arrested in August after hacking the Sony Pictures website, has pleaded guilty to the allegations against him and faces a hefty prison sentence of up to five years. The guilty plea was a compromise with the United States Attorney’s Office for the Central District of California. As part of the agreement, Rivera will plead guilty to only one charge against him.


What’s HOT in Application Security Vol #31

Oct 09, 2012 By asaphs | This Year’s Hack In The Box Conference To Hold Big Hitters In The Web Application Security World
This year’s famous Hack In The Box security conference is being held in Kuala Lumpur. Among the interesting events, Google will be hosting its Pwnium competition, which debuted at the CanSecWest security conference in March in Vancouver, British Columbia.


What’s HOT in Application Security Vol #30

Sep 30, 2012 By asaphs | Hackers breach major Canadian-based control system technology supplier
Within the last few days, hackers have managed to hack a major Calgary-based technology company, Telvent Canada, known to be a major supplier of control systems for electrical grids, public water systems, public transport functions and most of Canada’s oil and pipelines. Insiders say the hacking was substantial enough to warrant the intervention of the Canadian spy service, the RCMP and the federal government’s special cyber response agency.


What’s HOT in Application Security Vol #29

Sep 18, 2012 By asaphs | More than half of all companies experienced a security breach in the past year and a half
More than half of all companies in the world experienced some kind of security breach in the past 18 months, a worrying statistic given the level of damage a security breach can do to a company. The statement comes from a report released last week, dubbed the “Software Security Risk Report”.


What’s HOT in Application Security Vol #28

Sep 12, 2012 By asaphs | Web hosting company GoDaddy hacked
GoDaddy, the web hosting service provider, was hacked on Monday by a supporter of Anonymous, a self-proclaimed group of rogue hackers. The attack caused the web sites of GoDaddy and many of the company’s 10.5 million customers to go down for several hours on Monday afternoon. The person behind the attack claimed that GoDaddy and its affiliated sites collapsed under a flood of traffic caused by a DDoS attack.


What’s HOT in Application Security Vol #26

Aug 27, 2012 By asaphs | Microsoft vulnerable to VPN attack
Microsoft’s MS-CHAP v2 (Microsoft Challenge Handshake Authentication Protocol version 2), which is used to authenticate users in PPTP-based (Point-to-Point Tunneling Protocol) VPNs, has been shown to be vulnerable to hacks, according to reports from the recent Defcon conference.
