Checkmarx Blog

IoT-Hacking Horror Stories: Screaming at Babies & Jamming the Roads

In the ‘wonderful world’ of the Internet of Things, two interesting stories – one about hacking traffic systems and another about attackers screaming at babies in their cribs – have recently popped up that should make us stop and think about its current state of security.  Taking It To The Streets In the first story,

Read More »

Mobile Sunday: Viber Encryption Troubles Putting Millions at Risk

The Viber instant messaging app has become a household name, with over 200 million downloads worldwide. This cross-platform software is also compatible with desktops and provides unique functionality. But researchers at the University of New Haven have now exposed the lack of data encryption in the popular mobile app, a serious security problem. This is

Read More »

You’ve Got a Breach: AOL Investigating After Spoofing Incident

If you just couldn’t get enough of changing your passwords after the Heartbleed fiasco and still keep an active AOL account, you’re in luck. The company announced on Monday that it is further investigating a security incident after a “significant” number of user accounts were found to have been compromised, with AOL estimating around 2%

Read More »

Checkmarx Heartbleed Vaccination Now Available

Checkmarx has now released an update that scans your application source code for the Heartbleed-vulnerable library code.  The Heartbleed vulnerability had affected almost half a million secure web servers, certified by trusted authorities, by the time it was exposed. The bad news is that the problem still exists. More than 2% of the Alexa world

Read More »

Hackers Already Exploiting Microsoft IE Zero Day ​in Federal, Financial Orgs.

Hackers are already busy at work exploiting a just-discovered zero-day security flaw in Microsoft’s Internet Explorer, posing a serious risk to up to 56% of the world browser market. The vulnerability was found in all versions of the browser and as of today, “limited, targeted attacks” have been leveraged against IE versions 9, 10, and

Read More »

Mobile Sunday: GoogolPlex Hack Takes Siri To Risky Levels

Imagine unlocking your car by simply talking to your iPhone. Or would you rather chat with your washing machine or dish-washer while at work? All these actions can soon become possible thanks to an innovative Siri hack called GoogolPlex, which was developed and implemented by a group of American youngsters. GoogolPlex was recently demonstrated by

Read More »

The Week in Security: Your Top 6 Stories

Apple Security Updates and Spoofing and Heartbleed …oh my. These are your weeks top security stories: Aol Hit With Major Email Spoofing Hack In a blast from the past security story, Aol email users have been suffering from spoofed accounts. Spoofed emails are pesky messages, in this case containing malicious links, that had their FROM

Read More »

Top-Selling WiFi DSL Modems Routing Hackers Your Way

WiFi DSL routers have become a staple part of all professional computing setups. Unfortunately, wireless communication also introduces numerous vulnerabilities. A massive backdoor was found in popular NetGear, Linksys/Cisco and SerComm WiFi DSL modems back in December 2013. Security patches released by the companies have not solved the problem. More than 20 popular models sold worldwide

Read More »

Web App Attacks: 7 Takeaways from the New Verizon DBIR

Hackers going after Web applications are getting smarter and faster by automating their malicious tools, and organizations are struggling to keep up. This was among the biggest revelations in Verizons’ 2014 Data Breach Investigations Report. The report analyzed over 63,000 security incidents over the past year, 1,367 of which resulted in a breach. It may

Read More »

Jump to Category