Checkmarx Blog


Hacker’s Paradise – New Virus Transfers Stolen Data Using Inaudible Sounds

Dec 06, 2013 By Sharon Solomon | Air-Gap Jumping Communication. Networkless hacking. Sci-fi movie themes are now turning into reality. German researchers Michael Hanspach and Michael Goetz have created what can potentially become the driving force behind the next-gen malware. Security experts be warned – offline computing is not going to be safe for long. 

Free Wi-Fi Hotspots – A Risky Luxury

Dec 04, 2013 By Sharon Solomon | The wireless revolution has turned internet access into a basic necessity. Social media networking and entertainment on-the-go are in high demand. In this reality, Wi-Fi hotspots are seen as blessings, even when the signal is coming from an unknown source. But this is a huge security risk that people rarely take into consideration.

CISO’s: Pre-Planning Your Application Security Program

Dec 03, 2013 By Sarah Vonnegut | Application Security is never a ‘one-and-done’ deal. It is ongoing, ever-evolving, and its centrality in organizations ever-growing. As technology’s scope and complexity increase, the emphasis on application security needs to grow as well; no matter which stage you are in the maturity model, application security is a constant in your approach.

Istana Website Hacked; Singapore Cybercrime On The Rise

Dec 02, 2013 By Sharon Solomon | The list of hacked websites just keeps getting longer. The Istana website, official cyber-domain of Singapore’s Presidential Office, is the latest high-profile casualty. The Singaporean police have arrested two suspects, who have been charged under the Computer Misuse and Cybersecurity Act, punishable by up to five years in prison.

This Week In Application Security News: Nov. 25 – Dec. 1

Dec 01, 2013 By Sarah Vonnegut | The ‘Worst Week’ award goes to James Howells, who this week realized he threw away a hard drive with 7,500 Bitcoins worth over $7.5 million in current BTC value. Read about his million-dollar fumble, the still-unfolding Vodafone breach, new NSA snooping and more in this week’s edition of The Week in AppSec.

Top-10 Essential Challenges of Mobile Security

Nov 29, 2013 By Sharon Solomon | Mobile Security has become a crucial aspect of protecting sensitive data and information. Malicious attacks once focused on PCs have now shifted to mobile phones and applications. Mobile makers are aware of this fact and are investing heavily in security.

2,000+ Websites Vulnerable With Ruby on Rails Flaw

Nov 28, 2013 By Sarah Vonnegut | A new exploit, discovered by a white-hat hacker, puts users of over 2,000 Websites in danger of attack. Older versions of Ruby on Rails, a popular open source Web app, employ a defective session management system that could affect the users on the thousands of sites that use it. G.S. McNamara, a security researcher based in D.C., first found the vulnerability issue back in September. The exploit is an Insufficient Session Expiration weakness, and McNamara says it’s fairly common. It’s especially dangerous for shared computers with lots of daily user turnover, such as in libraries or internet cafes.

Cybersecurity Checklist For Holiday Shopping & Travel

Nov 27, 2013 By Sarah Vonnegut | For many in the U.S., the Thanksgiving weekend officially begins at the end of today’s work day, and with it the holiday season. This year there will already be enough pains to deal with: congested roads, packed stores and airports, not to mention messy weather. One headache you can avoid is cybercrime, so take these fairly simple steps to keep yourself and your gadgets secure while traveling and shopping.

NSA Malware Attacks Exposed; Over 50,000 Computers Hacked

Nov 26, 2013 By Sharon Solomon | Edward Snowden, the infamous ex-NSA employee, is still creating waves with his leaked documents. The latest evidence sheds light on the NSA’s hacking capabilities and the extent of the damage done. Tailored Access Operations (TAO), a special unit with a task-force of more than a thousand hackers, orchestrated the cyber-attacks.
