Checkmarx Blog


Crowdfunding Kickstarter Gets Hacked & Other Security Stories This Week

Feb 16, 2014 By Sarah Vonnegut | This week, Kickstarter suffered its first major breach with minor consequences, Target’s back in the ring with new reports indicating missed warnings from analysts about the payment systems, the Syrian Electronic Army strikes again, this time hitting Forbes, Internet Explorer suffered critical zero-day exploits and more. Before the next week full of security scares rolls in, take a moment to catch up on the stories you may have missed last week.

Mobile Friday: Flappy Bird Still Maliciously Flapping

Feb 14, 2014 By Sharon Solomon | The simplistic and straightforward Flappy Bird defied all odds and became one of the most popular games of early 2014. The sudden discontinuation of the app has disappointed millions of fans. But where there is disappointment, there is cybercrime potential. The single-player game conquered mobile gamers’ hearts with its simple “Super Mario” type of gameplay, which has always proved to be compelling. Despite earning over $50,000 a day in in-game advertising revenue, the game was discontinued.

Keeping Up With The Hackers: Where To Practice Your Web Hacking Skills

Feb 13, 2014 By Sarah Vonnegut | This guest post is by application security professional Dave Ferguson. Keep up with Dave’s posts on his blog!
There’s a shortage of application security experts. Hackers seem to continually have the upper hand over those trying to defend applications against threats. One reason is that software has become so prevalent; this trend will only continue (we’ll need even more software if we’re going to enable The Internet of Things). The bottom line is that we’re writing code faster than we can secure it.

BYOD Data Security Becoming Top Priority

Feb 12, 2014 By Sharon Solomon | Today’s booming technology and internet revolution has caused a new problem for CISOs and InfoSec Managers. Bring Your Own Device (BYOD) is the growing phenomenon of employees bringing personal smartphones (BYOP) and laptops/tablets (BYOPC) to work, causing a wide array of communication and security issues. Most IT companies have embraced the latest technological trend, believing that this eventually improves worker productivity. But the security aspect is hugely neglected and can lead to major security breaches and compromise valuable data.

RSA USA Preview: ‘It’s A Jungle Out There: The Security State of the CMS Platform’

Feb 11, 2014 By Sarah Vonnegut |
Checkmarx Founder & CTO Maty Siman will be leading a session at the conference this year on the security of the most popular content management systems and how to protect yourself against attacks:
It’s a Jungle Out There: The Security State of CMS Platforms
February 26th | 10:40 AM | Room 3012

Limiting Google Snooping For A Secure Workspace

Feb 10, 2014 By Sharon Solomon | It’s no secret that Google has become the most dominant platform on the web, providing virtually all types of online services. Although not publicized enough by the company, there are ways to reduce Google’s presence in your workspace and boost your privacy/security. The controversial change that caused a stir worldwide was the merging of Gmail and Google+ accounts. This sudden development enables people to send emails to complete strangers they randomly add on the Google+ network.

The Sochi Hacking Scare Take Down & The Rest of The Week’s Best

Feb 09, 2014 By Sarah Vonnegut |  
This week, NBC got called out for a slightly exaggerated report of hacking in Sochi (hint: they weren’t even in Sochi); SnapChat got hit with another vulnerability report; Target was hacked via their A/C and heat guys and more. Here’s a short n’ sweet version of the week’s news you may have missed.

Mobile Friday: Hacked, 800,000 Customers Affected

Feb 07, 2014 By Sharon Solomon | Major hackings are taking place all the time, with many going undetected and unreported. The latest high-profile intrusion took place recently in France, with an estimated 800,000 customers falling victim to privacy and identity-theft. The mobile giant has notified the victims and apologized for the incident. Around 3% of customers were hit by the massive exploit. The company did not elaborate on how the hackings were performed. The breach was possibly commercially motivated and the French cybercrime division is looking into the unfortunate incident.

US-CERT Releases InfoSec Guidelines For 2014 Winter Olympics

Feb 05, 2014 By Sharon Solomon | The 2014 Winter Olympic Games begin on February 6 in Sochi, Russia. While always a spectacular and festive event, the technological aspect brings in numerous Information Security issues. The United States Computer Emergency Readiness Team (Department of Homeland Security) has released a formal advisory ahead of the Sochi Games.
