Tag : DDOS

Mobile Friday: Google Waze Hacked By Technion Students

Mar 28, 2014 By Sharon Solomon | Waze has come a long way since its launch back in 2008. Winner of the Best Overall Mobile App award at the 2013 Mobile World Congress, the Israeli-based startup was sold to Google last year for a whopping $1.3 billion. Unfortunately, two students from the Technion have revealed a huge security issue in the popular app. The revolutionary Israeli navigation software made waves by integrating social networking into its user interface and enabling commercial collaborations with strategic businesses. Even Google couldn’t afford to stay indifferent to the app’s massive potential. Everything was looking bright until Shir Yadid and Meital Ben-Sinai, software engineering students at the Technion Institute of Technology in Israel, found a glaring loophole in the application. Waze is aware of the PoC but has not released any security patches so far.


Bitcoin Crashing Due To Steep Rise in Cybercrime

Mar 19, 2014 By Sharon Solomon | The Bitcoin bandwagon has stalled. The value of the cryptocurrency skyrocketed in 2013, but a downward trend is being witnessed this year. Investors and traders wishing to see Bitcoin in the mainstream e-commerce scene will probably have to wait a little longer.
Besides the glaring lack of regulation and worrying price volatility, cybercriminal activity has put a huge dent in the digital currency’s credentials. The hacking techniques are not new, nor are the vulnerabilities found in the Bitcoin exchanges.
More and more Bitcoin exchanges are being exploited with the help of malware and common phishing techniques. Coinbase and Flexcoin are just two of many Bitcoin platforms that have fallen prey to hackers and fraudsters.


The Worrying Security State of CMS Platforms

Mar 17, 2014 By Sharon Solomon | The use of Content Management Systems (CMS) is on the rise. Over 20% of the top 10,000 websites today rely on CMS platforms, namely WordPress, Drupal and Joomla. But the quick setup and customizable functionality come at a price. Security issues are being exposed and exploited by cybercriminals.
Checkmarx’s Research Lab studied the vulnerabilities in WordPress plugins and the findings were not quite encouraging. 20% of the 50 most popular WordPress plugins used today were found to be vulnerable to web attacks.


The Week in Security: PWN2OWN, Double DDoSes, Malaysian Plane Crash Scams & Target’s Missed Alarms

Mar 16, 2014 By Sarah Vonnegut | This week in security was busy with a little bit of everything – breaches, hacking contests, cyber scams, hacktivism and more. Here’s the lowdown on all the biggest security stories of the week: 


Windows XP Dying Maliciously, Zero-Day Attacks Imminent

Mar 10, 2014 By Sharon Solomon | Microsoft has announced that all official Windows XP support will be terminated on April 8, 2014. But despite the fact that zero-day is just around the corner, millions of businesses and individuals are still using the legacy platform, making them extremely vulnerable to hacking and malware attacks. The Windows XP platform’s ecosystem is officially going to expire. Launched in 2001, Microsoft ended its mainstream support for the platform in April 2009. A 5-year support plan was then announced following the platform’s huge success.


Botnet Alert: Your Refrigerator May Be Infected

Jan 27, 2014 By Sharon Solomon | The “smart” home appliances we all are letting into our lives are getting “smarter”. This isn’t a movie plot, nor is it a scientific experiment. Security provider Proofpoint estimates that over 750,000 phishing and spam emails have already been sent out by infected fridges, televisions and other appliances.


Israeli Banks Hacked. Millions Of Customers In Danger

Dec 27, 2013 By Sharon Solomon | Three Israeli banks recently received an anonymous message claiming that the account details of more than 3 million of their customers have been stolen. But gone are the days of unmarked bills. The hacker is expecting a huge Bitcoin payoff by next week. The clock is now ticking. The involved banks are Israel Discount Bank, First International Bank of Israel and Bank Yahav for Government Employees Ltd. Needless to say, the news has created lots of unrest in the land of milk and honey.


What’s HOT in Application Security Vol #38

Dec 03, 2012 By asaphs | Hacking Group ‘Anonymous’ attacks Syrian Government websites In Response To Syrian Internal Internet Blackout
In response to a Syrian government move which has closed all fax, phone and Internet lines coming out of the troubled country, the hacking group ‘Anonymous’ started last Friday to attack and shut down government and affiliated pro-Syrian websites.


What’s HOT in Application Security Vol #37

Nov 20, 2012 By asaphs | Hacktivists reach a new level of cyber terror in Israel
Since the outbreak of hostilities between Gaza and Israel, several Israeli companies as well as those doing business with them have absorbed quite a few cyber attacks. According to various sources, 44 million attacks have been prevented since rockets began falling.
