News | Checkmarx Application Security

News

Your one stop for the latest application security articles, stories, and trends. Stay on top of the news and know what’s happening, both at Checkmarx and in the industry at large.

45 Million Potentially Impacted by VerticalScope Hack
June 15, 2016

VerticalScope, which hosts 1,100 websites and forums, was hacked earlier this year, with the details of around 45 million users later leaked online. Some of the most popular online communities hosted by VerticalScope include Techsupportforum.com, MobileCampsites.com, Pbnation.com, and Motorcycle.com, all of which were impacted by the data leak. Apparently, the data... Read More

The Beginners Guide To Application Security, AKA The Beginners Guide To Hacking
June 9, 2016

For software developers who quite understandably detest hackers, it probably doesn’t seem natural or appealing to think like a hacker in order to build better applications. But does the FBI... Read More

Millions of Twitter Credentials Up for Sale for Less Than a Cent Each
June 9, 2016

A hacker, who has links to the recent MySpace, LinkedIn and Tumblr data breaches, is claiming another trophy: Millions upon millions of Twitter accounts. The Russian hacker, going by the... Read More

OWASP Top 10 & Open Source Code: Why Watching Your Back Means Watching Everyone Else’s
June 6, 2016

At times, being a developer can feel a little bit like being back in school and getting partnered up on projects. You would work your butt off, fastidiously checking and... Read More

Don’t wait for the police: plugging holes in your website forms to avoid SQL injection
June 6, 2016

It’s been a while since the last major Florida election controversy but at long last the sunshine state has delivered. A cybersecurity researcher exposed serious vulnerabilities in the Lee County... Read More

5 Ways to Create a Secure Software Development Life Cycle (sSDLC)
June 5, 2016

Enterprise level software needs a tightly bound software development life cycle (SDLC) to ensure deployed applications follow business requirements and stay bug-free. In the Hollywood blockbuster version of this high-stakes... Read More

Easy and Cost-Effective Secure App Development
June 4, 2016

Every year, we see a considerable increase in the number and severity of cybersecurity incidents from which companies suffer major financial losses, harm to their reputation, and irreparable damage to their customers. In 2015 alone, cybercriminals raked in billions of dollars from data breaches, as well as account information for... Read More

Hacking: The Case for Prevention Rather Than Cure
June 2, 2016

When the movie Sneakers came out in 1992, hacking wasn't considered a real threat; it was almost something cool that really clever kids did just to prove they could. More than two decades later, hacking has taken on a far more sinister tone and become a much more profitable profession.... Read More

The OSI model, your security, and giving special consideration to the application layer
June 2, 2016

There’s a certain poignant disappointment that occurs when your expectations do not align with reality. Especially when your expectations are both reasonable and logical. Take the topic of securing an... Read More

How to Integrate Application Security Testing Into the Agile Development Process
June 2, 2016

Testing and rooting out bugs are integral parts of any successful application development process. Most prominent software development standards, including the popular Agile method, include provisions for making sure the end-product... Read More

The Internet of Things will only ever be as secure as its application
June 1, 2016

The pace at which the Internet of Things (IoT) is entering our homes and workplaces is phenomenal. This proliferation brings lots of potential benefits to users but it also presents... Read More

Why websites are so vulnerable to hackers
May 31, 2016

Hackers just can’t get enough of hacking websites. Malicious actors break into them to upload infected copies of operating systems or distribute malware. Fraudsters use website vulnerabilities to steal sensitive credentials and financial info. The feds take them over to track down child porn consumers. Hacktivists take them down to... Read More

Update: 117 million LinkedIn email credentials found for sale on the dark web
May 26, 2016

The 2012 LinkedIn data breach may be the breach that just keeps on giving with the news that 117 million customer email credentials originating from that hack were found for... Read More

By the numbers: Cyber attack costs compared
May 24, 2016

Data breaches caused by malicious insiders and malicious code can take as long as 50 days or more to fix, according to Ponemon Institute's 2015 Cost of Cyber Crime Study, while malware, viruses, worms, trojans, and botnets take only an estimated 2-5 days to fix. Unsurprisingly, attacks by malicious insiders are... Read More

Crowdsource your security knowledge: A simple guide to OWASP Top 10
May 20, 2016

Over the past two years, the Internet has seen some of the biggest, most devastating data breaches in history. With each attack, millions of personal identifiable information records are stolen,... Read More

Hacker looks to sell 117M LinkedIn passwords from 2012 data breach
May 19, 2016

LinkedIn says that it is moving quickly to deal with the release of data from a 2012 security breach, which could include 117 million passwords. A hacker is reportedly looking... Read More

Tools, skills and budgets can help developers fight rise in Web app cyber attacks
May 18, 2016

Checkmarx announced that three recent reports highlight the challenge faced by developers in securing code as attacks against web applications increase, while security budgets for developers remain low. As highlighted... Read More

Click-fraud botnet infects 900K to earn money via Google AdSense
May 17, 2016

A click-fraud botnet dubbed “Redirector.Paco Trojan” has infected 900,000 IPs worldwide and has the ability to reconfigure browser settings and network communications. The malware is spread via installers that are... Read More

Security Pros Concerned About Facebook Payment Expansion
May 1, 2016

Facebook's Messenger app has allowed users to send money to friends using their debit cards since last spring, but recent reports indicate that Facebook may be considering a move into the retail payments space as well, following in the tracks of Apple, Samsung and Google. Facebook will need to be... Read More

Static Code Analysis Tools for Bulletproof Software Security
March 30, 2016

Software security is no longer just anti-virus and firewalls. The cloud today offers plenty of excellent options for software developers to increase user reach and availability, yet while these options are beneficial for marketing and revenue, they create many more possibilities for security holes. Manual security reviews are useful, but... Read More