Join us at RSA conference 2019  San Francisco, March 4-8

Checkmarx Blog

What’s HOT in Application Security Vol #1

Hackers in China accused of a long term breach of Nortel For almost ten years Chinese hackers gained complete access to the internal network of Nortel Networks, Ltd. Nortel was previously considered to be a telecommunications power house but has been struggling financially in recent years. The hackers stole several passwords from top Nortel executives

Read More ›

LDAP Injection

LDAP Injection (CWE: 90) is an attack allowing the attacker to modify LDAP queries. Recently, I encountered a nice LDAP Injection – and I started asking myself why do we hear so little about such vulnerabilities? I would expect the opposite.

Read More ›

Path Manipulation, Directory Traversal, and interesting JAVA code

Directory Traversal Attacks Directory Traversal (CWE: 22) is usually considered a subset of Path Manipulation (CWE: 73). Directory Traversal, also referred to as Path Traversal,  attacks occur by manipulating variables with the ‘../’ (dot-dot-slash is another name this attack sometimes goes by) sequences, and attempt to access directories and files stored in a system. Path Directory

Read More ›

Jump to Category