Checkmarx Blog


Rough 2014 Predicted For Two-Step Verification

Dec 30, 2013 By Sharon Solomon | Two-Step Security is the latest weapon in the battle against cybercrime. More and more major websites are adopting the Double Verification technique to deter hackers from stealing personal data and information. But there is bad news – this method will be rendered ineffective or even useless in 2014.

This Week in AppSec: December 23–29, 2013

Dec 29, 2013 By Sarah Vonnegut | Christmas week did not exactly bring out the best in some this year – especially when it came to breaches and vulnerabilities. Between Target’s mess of 40M customer records breached, Snapchat’s security fail, Samsung’s vulnerability and Dogecoin’s first hack on Christmas Day, the last full week of 2013 was not Application Security’s best. Let’s take a look, shall we?

Israeli Banks Hacked. Millions Of Customers In Danger

Dec 27, 2013 By Sharon Solomon | Three Israeli banks recently received an anonymous message claiming that more than 3 million of their customers’ account details have been stolen. But gone are the days of unmarked bills. The hacker is expecting a huge Bitcoin payoff by next week. The clock is now ticking. The banks involved are Israel Discount Bank, First International Bank of Israel and Bank Yahav for Government Employees Ltd. Needless to say, the news has created lots of unrest in the land of milk and honey.

The Grinch Who Stole Christmas – And 30 Million Dogecoins

Dec 26, 2013 By Sarah Vonnegut | Hundreds of owners of the cryptocurrency Dogecoin awoke on Christmas to a not-so-cheery discovery: their digital wallets had been cleared out. Someone has stolen at least 30 million Dogecoin from, one of the largest sites being used to hold Dogecoins. The discovery came after Dogecoin forum users began posting complaints that their funds were disappearing without their authorization. The attack apparently targeted the site itself, with the hacker modifying the site’s receiving page to ensure transactions went straight to the thief’s account. The site has since been shut down and the site’s owners are now investigating the digital robbery.

Smile, Your Webcam Has Been Hacked

Dec 25, 2013 By Sharon Solomon | There was a time when hacking involved only stolen data and information. But intruders are always looking for new ways to invade your privacy. The latest trend in hacking circles involves enabling Apple’s MacBook iSight camera while the indicator light is still off, capturing stills without the victim’s knowledge.

4 Innovations Alan Turing Contributed To Computer Science (And The World In General)

Dec 24, 2013 By Sarah Vonnegut | “Can machines think?”
Or “can machines do what we (as thinking entities) can do?” Eerie questions to ponder, especially in these tech-forward days with drones that hack other drones mid-air, robots that move like animals, and whatever new thing Apple comes out with. But it’s a question that was first posed to the world 77 years ago, before the first computer was even designed – and way before Siri could ask how she could help us.

Samsung Galaxy S4 Vulnerability Exposed. Security Patch Now Available

Dec 23, 2013 By Sharon Solomon | The Galaxy S4, Samsung’s flagship device of 2013, is selling like hotcakes. The Korean giant has shipped over 40 million units in less than seven months. But not all has been rosy in recent weeks. The S4 has a serious security glitch, exposing all Samsung Account details and giving sniffers full access to private information. Mediatek Digital, a firm that tests the security standards of apps and mobile phones, recently exposed the serious flaw. Hackers can track the victims via GPS, access their recent call logs, configure call diverts and even turn off the device.

This Week In Application Security: December 16-22, 2013

Dec 22, 2013 By Sarah Vonnegut | If we’re measuring it in cyber-drama, it’s certainly a holiday season to remember! The past week saw what is potentially the most damaging data breach of 2013 with over 40 million Target customers at risk of credit fraud. On top of that, a major media site got hit for the third time in the same number of years, Israeli-security firm RSA had an NSA kind of week, and a report exposed a newly discovered type of side channel attack using just your computer’s sound to decrypt sensitive data.

Checkmarx Recognizes Young Israeli Talent At The Technion

Dec 20, 2013 By Sharon Solomon | The Technion has been Israel’s leading engineering institute for decades, providing the nation’s booming IT industry with great talent. This week the university’s Department of Computer Science hosted a unique “Start-Up Day”, sponsored by Checkmarx and six other software companies. The Checkmarx delegation was led by the company’s CTO, Mati Siman. Besides engaging in chats with curious students, he gave an informative lecture about the company’s products and the advantages of Source Code Analysis.

Black Friday Breach Nightmare: At Least 45 Million Target Customers Affected

Dec 19, 2013 By Sarah Vonnegut | Target’s famous bullseye logo attracted some malicious arrows over the holiday shopping season: the national retail chain was the target of a major data breach that, as details emerge, may be much more serious than first thought.
The data breach will potentially affect hundreds of thousands, perhaps millions, of Target customers who shopped in-store at any of the American retail giant’s 1,800+ locations in the U.S. and Canada between Black Friday and December 15th. Brian Krebs, who first reported on the story on his blog, spoke with several sources that corroborated the same story: Target is currently working with the Secret Service to determine the perpetrators, cause, and outcome of an incident in which the data stored on customers’ magnetic card stripes was stolen.
