Checkmarx Announces New GitHub Action

Tag: Checkmarx Security Research Team

Cybersecurity Awareness Month Week 1: Day in the Life, Security Researcher

Welcome to week one of Checkmarx’s ‘Day in the Life’ Q&A series for Cybersecurity Awareness Month! Aren’t familiar with what we have planned for October? More here! Have you ever wondered what a typical day looks like for a security researcher? If so, you’ve come to the right place! We’re kicking things off with Erez

Privilege Escalation on Meetup.com Enabled Redirection of Payments

The Checkmarx Security Research Team recently audited the security of several high-profile websites, including Meetup.com. For those who are not familiar with Meetup.com, it allows users to create an event where people with similar interests gather. Events can be in person, and in light of the ongoing pandemic, many of them have moved to virtual

Checkmarx Research: Smart Vacuum Security Flaws May Leave Users Exposed

There is little doubt that today’s consumers have a tendency to choose convenience over security. When a shiny new gadget designed to make our lives easier finds its way to the consumer market, buyers often jump at the opportunity to purchase it and put it into action. Unfortunately, every new internet-connected gadget opens users up

Checkmarx Research: Apache Dubbo 2.7.3 – Unauthenticated RCE via Deserialization of Untrusted Data (CVE-2019-17564)

Executive Summary: Having developed a high level of interest in serialization attacks in recent years, I decided to put some effort into researching Apache Dubbo some months back. Dubbo, I’ve learned, deserializes many things in many ways, and its usage worldwide has grown significantly after its adoption by the Apache Foundation. Figure 1 – Dubbo

Checkmarx Research: SoundCloud API Security Advisory

Recently, the Checkmarx Security Research team investigated the online music platform SoundCloud. According to their website, “As the world’s largest music and audio platform, SoundCloud lets people discover and enjoy the greatest selection of music from the most diverse creator community on earth.” This investigation was part of broader research conducted by Checkmarx, in
