Tag : Application Security

european-union-hacked-300x203

What’s HOT in Application Security Vol #36

Nov 13, 2012 By asaphs | EU Official hacked at an Internet Security Conference
A European Union Official has come out in a statement which declared that her staff was hacked when they attended an internet Security conference last month in Azerbaijan. EC Vice President Neelie Kroes, released a statement about the ironic hack in her blog last week, where she went into further detail to explain the scope of what happened and how her and her employees computers were compromised at a meeting of the Internet Governance Forum in Baku.

</Read More>
sec-logo-securities-and-exchange-commission-s

What’s HOT in Application Security Vol #35

Nov 09, 2012 By asaphs | Securities and Exchanges Commission leaves sensitive data vulnerable to hackers 
Staff of the Securities and Exchanges Commission (SEC) have left highly sensitive information from exchanges open to hacking and other cyber attacks because they miserably and negligently failed to secure their data  and devices to the required standards. This statement came after inside information was leaked to the News Agency Reuters.

</Read More>
Hackers-Gain-Access-to-3-6-Million-SSNs-After-Breaching-S-C-Department-of-Revenue-2

What’s HOT in Application Security Vol #34

Oct 30, 2012 By asaphs | Foreign Hacker Steals 387,000 Credit Card Numbers From South Carolina’s Department of Revenue
A foreign hacker has managed to steal nearly 400,000 credit and debit card numbers as well as 3.6 million Social Security numbers from the South Carolina’s Department of Revenue. While most of the stolen credit card details were encrypted, 16,000 had no encryption whatsoever.

</Read More>
300px-US-NationalWeatherService-Logo.svg_

What’s HOT in Application Security Vol #33

Oct 22, 2012 By asaphs | Muslim Hacker Group Attack US National weather Service
A Hacking group from Kosovo calling themselves the Hackers Security group have released sensitive hacked data from the US National weather service. The stolen information included, files from the web server and other sensitive data that could be used for a later attack.

</Read More>
microsoft-logo

What’s HOT in Application Security Vol#26

Aug 27, 2012 By asaphs | Microsoft vulnerable to VPN attack
Microsoft’s MS-CHAP v2 (Microsoft Challenge Handshake Authentication Protocol version 2) which is used to authenticate users in PPTP-based (Point-to-Point Tunneling Protocol) VPNs has been shown to be vulnerable to hacks according to reports from the recent Defcon conference.

</Read More>

What’s HOT in Application Security Vol #20

Jul 16, 2012 By Administrator | Yahoo left red-faced after SQL injection vulnerability reveals nearly half a million passwords!
A hacking group who name themselves ‘DD3Ds Company’ have, within the last few days leaked 453,492 yahoo text passwords for Yahoo accounts. DD3Ds Company now claim that they attained the passwords by means of SQL injection against a poorly secured Yahoo subdomain. Security experts have named the it as Yahoo Voices.

</Read More>

What’s HOT in Application Security Vol #19

Jul 09, 2012 By Administrator | Cyber Attacks on ATM and online banking are at an all time high
Cyber Attacks which are aimed at online banking applications are at an all time high, according to several security experts. Unsurprisingly, almost one third of all attacks were aimed at banks which reside in the Gulf, where the banks are swelling with oil money and where small amounts of money missing from accounts are likely to go un-noticed.

</Read More>
Application-Security-News-Thumbnail

What’s HOT in Application Security Vol #18

Jul 02, 2012 By Administrator | What are the Top Flaws in Web Applications?
When it comes to security, web applications are consistently the most vulnerable to penetration. Here are some of the top flaws in web applications:

</Read More>
Application-Security-News-Thumbnail

What’s HOT in Application Security Vol #17

Jun 25, 2012 By Administrator | PayPal to Grant Money for Reported Vulnerabilities
Asking hackers to report security breaches they find without being rewarded doesn’t seem to work. There has to be some kind of an incentive. EBay, Amazon, Sony and now PayPal will provide security researchers who discover vulnerabilities in its website with money prizes. This encourages hackers to search for security breaches but at the same time, instead of using the vulnerabilities for illegal intentions they could make some money, disclose the vulnerabilities that they find on to their own personal blogs, and possibly make a name for themselves.

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.